Connectors and Integration Patterns
Understanding Connectors
Connectors are the building blocks of Logic Apps integration. They provide pre-built access to hundreds of services, both in the cloud and on-premises.
Microsoft Reference: Connectors overview
Connector Types
Built-in Connectors
Built-in connectors run natively within the Logic Apps runtime with no external dependencies. They offer the best performance and lowest latency.
| Connector | Description |
|---|---|
| HTTP | Call any REST API endpoint |
| HTTP + Webhook | Register/unregister webhook callbacks |
| Request | Receive HTTP requests (trigger) |
| Response | Return HTTP responses |
| Schedule | Recurrence and sliding window triggers |
| Compose | Data manipulation and transformation |
| Parse JSON | Schema-based JSON parsing |
| Variables | Initialize, set, increment, append |
| Condition/Switch | Conditional branching |
| For Each / Until | Looping constructs |
| Scope | Group actions for error handling |
| Terminate | End workflow with status |
| Batch | Send and receive batched messages |
| Inline Code | Execute JavaScript snippets (Consumption only) |
Standard Plan Built-in Connectors
Standard (single-tenant) Logic Apps includes additional built-in connectors with better performance:
| Connector | Description |
|---|---|
| Azure Service Bus | Queues, topics, and subscriptions |
| Azure Blob Storage | Blob operations without managed connector overhead |
| Azure Cosmos DB | Document database operations |
| Azure Event Hubs | Event streaming |
| Azure Table Storage | Table operations |
| Azure Queue Storage | Queue operations |
| SQL Server | Database operations |
| IBM MQ | Enterprise messaging |
| SMTP / POP3 / IMAP | Email protocols |
Microsoft Reference: Built-in connectors for Standard
Managed Connectors
Managed connectors are hosted and managed by Microsoft. They run in Azure and connect to external services via APIs.
Standard Managed Connectors
| Connector | Service |
|---|---|
| Azure SQL | Azure SQL Database |
| Azure Blob Storage | Blob storage operations |
| SharePoint | SharePoint Online lists and libraries |
| Outlook.com / Office 365 | Email, calendar, contacts |
| OneDrive | File storage |
| Dynamics 365 | CRM operations |
| Azure DevOps | Work items, pipelines, repos |
| Azure Key Vault | Secret management |
| Azure Service Bus | Messaging (Consumption plan) |
| Azure Event Grid | Event routing |
| Teams | Posts, channels, adaptive cards |
Enterprise Managed Connectors
Enterprise connectors provide access to enterprise systems at a higher per-execution cost:
| Connector | Service |
|---|---|
| SAP | SAP ERP and S/4HANA |
| IBM 3270 | Mainframe terminal access |
| IBM DB2 | DB2 database |
| IBM MQ | Enterprise messaging (Consumption) |
| Oracle Database | Oracle DB operations |
Microsoft Reference: Managed connectors list
Custom Connectors
Create your own connectors to wrap any REST or SOAP API:
- Define the API — Import an OpenAPI (Swagger) specification, Postman collection, or build from scratch
- Configure authentication — API Key, OAuth 2.0, Basic Auth, or Azure AD
- Define actions and triggers — Map API operations to connector actions
- Set policies — Transform requests/responses with policy templates
- Share — Use within your organisation or publish to the connector ecosystem
{
"swagger": "2.0",
"info": {
"title": "Order Management API",
"version": "1.0"
},
"host": "api.example.com",
"basePath": "/v1",
"schemes": ["https"],
"paths": {
"/orders": {
"get": {
"operationId": "GetOrders",
"summary": "Get all orders",
"parameters": [
{
"name": "status",
"in": "query",
"type": "string",
"enum": ["pending", "processing", "completed"]
}
],
"responses": {
"200": {
"description": "Success",
"schema": {
"type": "array",
"items": { "$ref": "#/definitions/Order" }
}
}
}
}
}
}
}
Microsoft Reference: Create custom connectors
On-Premises Data Gateway
Connect Logic Apps to on-premises data sources through a secure gateway.
How It Works
Logic Apps (Cloud)
↕ HTTPS (outbound only from gateway)
On-Premises Data Gateway (installed on a server in your network)
↕ Native protocols
On-Premises Data Sources (SQL Server, Oracle, file systems, SAP)
Supported On-Premises Connectors
| Connector | Protocol |
|---|---|
| SQL Server | TDS |
| Oracle Database | ODP.NET |
| File System | SMB |
| SAP | RFC/BAPI |
| SharePoint Server | CSOM |
| IBM DB2 | DRDA |
| IBM Informix | DRDA |
| MySQL | MySQL protocol |
| PostgreSQL | PostgreSQL protocol |
Gateway Installation
- Download from the Microsoft Download Centre
- Install on a Windows server within your network
- Register with your Azure AD tenant
- Create a gateway resource in Azure
- Reference in your Logic App connections
Best Practices for On-Premises Gateway
- Install on a dedicated server (not a domain controller or database server)
- Use a gateway cluster for high availability (up to 7 members)
- Place the gateway close to the data source to minimise network latency
- Configure Windows Firewall to allow outbound HTTPS (port 443) to Azure Service Bus
- Use a service account with appropriate permissions
- Monitor gateway health via the on-premises data gateway app
Microsoft Reference: On-premises data gateway
Integration Service Environment (ISE) — Deprecated
ISE provided a dedicated environment for Logic Apps but is deprecated. Migrate to Standard Logic Apps with VNET integration for equivalent functionality.
Microsoft Reference: ISE deprecation and migration
Connector Authentication
Authentication Methods
| Method | Use Case |
|---|---|
| OAuth 2.0 | Microsoft 365, Dynamics 365, third-party SaaS |
| API Key | Custom APIs, third-party services |
| Basic Auth | Legacy APIs, on-premises systems |
| Managed Identity | Azure services (Key Vault, SQL, Storage, Service Bus) |
| Certificate | mTLS, SAP, enterprise systems |
| Raw | Custom authentication headers |
Managed Identity Authentication
Use managed identity to authenticate to Azure services without storing credentials:
{
"HTTP": {
"type": "Http",
"inputs": {
"method": "GET",
"uri": "https://management.azure.com/subscriptions/{subscription-id}/resourceGroups?api-version=2021-04-01",
"authentication": {
"type": "ManagedServiceIdentity",
"identity": "SystemAssigned",
"audience": "https://management.azure.com/"
}
}
}
}
API Connection Security
For managed connectors, connections store credentials as Azure resources:
resource apiConnection 'Microsoft.Web/connections@2016-06-01' = {
name: 'sql-connection'
location: location
properties: {
displayName: 'SQL Server Connection'
api: {
id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql')
}
parameterValues: {
server: sqlServer.properties.fullyQualifiedDomainName
database: 'OrderDB'
authType: 'windows'
username: '@Microsoft.KeyVault(SecretUri=${keyVault::sqlUsername.properties.secretUri})'
password: '@Microsoft.KeyVault(SecretUri=${keyVault::sqlPassword.properties.secretUri})'
}
}
}
Integration Patterns
Request-Reply
The most common pattern — receive a request and return a response:
HTTP Request Trigger
→ Validate Input
→ Process Data
→ Return HTTP Response (200 OK with result)
Publish-Subscribe
Distribute events to multiple subscribers:
Event Grid Trigger (e.g., Blob created)
→ Parallel Branch 1: Process image → Store in Cosmos DB
→ Parallel Branch 2: Send notification → Teams
→ Parallel Branch 3: Update index → Azure Search
Scatter-Gather
Call multiple services in parallel and aggregate results:
HTTP Request Trigger
→ Parallel Branch 1: Call Service A
→ Parallel Branch 2: Call Service B
→ Parallel Branch 3: Call Service C
→ Compose: Aggregate all results
→ Return HTTP Response
Content-Based Router
Route messages to different handlers based on content:
Service Bus Trigger
→ Switch on message type:
→ "order": Process Order workflow
→ "invoice": Process Invoice workflow
→ "return": Process Return workflow
→ default: Send to dead letter queue
Message Enrichment
Augment incoming data with additional information:
HTTP Trigger (receive order)
→ Get Customer Details (CRM)
→ Get Product Details (Catalogue API)
→ Get Shipping Rates (Carrier API)
→ Compose: Merge all data
→ Send Enriched Order to ERP
Claim Check
For large payloads, store the content and pass a reference:
HTTP Trigger (large payload)
→ Upload Body to Blob Storage
→ Send message to Service Bus with blob URL (claim check)
→ Return 202 Accepted
Separate workflow:
→ Service Bus Trigger (receives claim check)
→ Download from Blob Storage
→ Process large payload
→ Delete blob
Connecting to API Management
Logic Apps integrates with Azure API Management for governed API access:
Logic App → API Management Gateway → Backend API
Benefits
- Centralised security — JWT validation, OAuth, subscription keys
- Rate limiting — Protect backend services
- Transformation — Request/response manipulation
- Monitoring — Unified API analytics
- Versioning — Multiple API versions through APIM
Configuration
- Import your API into APIM
- In the Logic App, use the HTTP action to call the APIM gateway URL
- Pass the subscription key via
Ocp-Apim-Subscription-Keyheader - Or use Managed Identity with
validate-jwtin APIM
Hybrid Integration
Azure Relay
For scenarios where the on-premises data gateway is not suitable, use Azure Relay for direct hybrid connections:
Logic App → Azure Relay Hybrid Connection → On-premises endpoint
Azure Arc-Enabled Logic Apps
Run Logic Apps on Kubernetes anywhere — on-premises, multi-cloud, or edge:
Azure Arc-enabled Kubernetes cluster
└── Logic Apps extension
└── Standard Logic App workflows
└── Built-in connectors (Service Bus, SQL, etc.)
Microsoft Reference: Azure Arc-enabled Logic Apps
Best Practices
- Use built-in connectors over managed connectors where possible for better performance and lower cost
- Use managed identity instead of connection strings for Azure service authentication
- Implement connection access policies to control who can use API connections
- Monitor connector throttling — each connector has its own limits (typically 100–600 calls per connection per minute)
- Use batching for high-volume scenarios to reduce connector calls
- Cache frequently accessed data to avoid unnecessary connector calls
- Use custom connectors to standardise access to internal APIs
- Deploy gateway clusters for on-premises high availability
- Keep connectors updated — Microsoft regularly adds features and fixes