Code Apps Integration with Power Automate Flows is now available
With this new feature, there are some important points to be aware of. First, the Flow commands are only available in the npm-based CLI, not the 'pac' CLI. Second, only Flows that use the Power Apps trigger are supported, and only solution aware flows are supported. There are more details in this documentation.
https://learn.microsoft.com/en-us/power-apps/developer/code-apps/how-to/add-flows
Technical Questions and Answers
The remaining part of this meeting included some notable discussion points which are as follows:Are manual flows only supported?
In the initial documentation, there was an error in the wording. To invoke a Flow from code apps, we must use the Power Apps trigger. Manual, scheduled, automated, or instant flows with non-Power Apps triggers are not supported.
Can users in code apps call APIs directly by bypassing DLP policies?
Code apps enforce Strict Content Security Policy (CSP) by default. This is an environment-level setting managed in PPAC (Power Platform Admin Centre) that prevents bypassing security boundaries like DLP. Therefore, managing CSP policies is an important part of enforcing security.
Is the code apps plugin going to be updated to use solutions?
Currently, we can add code apps to solutions manually or use a solution parameter during deployment. The team will consider adding a specific skill to the plugin to automate this.
Will code apps plugin support Microsoft Power Apps CLI instead of PAC soon?
The NPM-based CLI is currently in preview. The team is waiting for further feature stability and feedback before switching the plugin to support it.
The code apps plugin has an instruction to display the app version number in the UI. Can this be updated to specify it should be in the footer?
The team agreed that placing the version in the header is not ideal. They will look into removing the default instruction entirely so developers can choose their own placement.
Pushing code app to an environment does not accept preferred solution now. Will it do in the future?
Currently, a solution parameter must be explicitly passed. The team acknowledged the feedback regarding consistency with other Power Apps components and will review this design.
Vibe.powerapps.com uses behind the scenes same tech. What are the next steps with this one?
The ultimate goal is to allow developers to move between Vibe-generated solutions and Code apps, edited through local IDEs . The timeline for this has not been published but we can probably expect to hear more about this around during the upcoming Build conference.
What is Microsoft's strategic direction given the lines between Vibe, code apps, and canvas apps are blurring?
The important thing here is that Canvas apps and Model-Driven apps are not going away. Microsoft's main strategic focus is to build a robust managed platform that provides a secure, governed environment. This will support all existing app types and all future AI-generated artifacts.
Regarding the roadmap, what are the "security rules and permissions" mentioned? Is it safe for production?
In the roadmap document for code apps, there is mention of a "security rules and permissions" feature that is scheduled for later this year. There is concern that if this is an upcoming feature, code apps may not be safe today.
When it comes to data access, Code apps currently respect all Dataverse security rules and governance policies. The roadmap item refers to new features for detecting user context within the app so that we can tailor UI experiences depending on security roles.
Do code apps fall under premium licensing?
Yes. Code apps require a premium license, regardless of whether the backend data source is SharePoint or Dataverse.
