Power Automate For Desktop is a great tool for automating mundane tasks and improving productivity. It comes inbuilt with Windows 11 and can be installed for Windows 10 from Windows Store.
Power Automate comes with many in-built features to work with Files, Email, Text, etc. It also contains basic features to work with PDFs such as Extracting various information from PDFs, Merging PDFs, etc.
What Do We Want to Build Here?
In this sample, we will automate password-protecting PDF files from one folder. We’ll have input PDF files in one folder named “Input PDF” and an output folder named “Password Protected PDF”. As the name suggests we would like to store the resulting password-protected files in this folder.
Logically we should be doing the following:
- Loop through all PDF files in the “Input PDF” folder
- Password Protect each file
- Store the resulting file in the “Password-Protected PDF” folder
Here, we have inbuilt actions which enable us to get all files from a specific folder and loop through its contents. However, we don’t have any native action to password protect PDF.
Hence, coming to the next question.
How Will We Add a Password to PDF?
Well, we can’t do it natively; hence we need to find an out-of-box solution for it. Unlike cloud-based Power Automate (previously flow), desktop solutions don’t have connectors.
That leaves us with only one solution, to use an external Web API. We’ll be using PDF.co here. PDF.co provides excellent API Endpoints for PDF-related functionality. Please refer to the documentation for more details.
PDF.co Endpoints requires an API Key passed in the header for authentication purposes. Upon signing up with PDF.co, we’ll receive this API Key.
Interesting, right? Let’s get started!
Step-by-Step Guide
- Create New Flow
- Get Files in Folder
- Loop through All Files
- Declare Input Variables
- Invoke PDF.co Web Service to Get Presigned URL for File Upload
- Perform Actual File Upload to the Returned Presigned URL
- PDF.co API Call to Password Protect This File
- Download Returned URL
Step 1: Create New Flow
We’ll start with creating a new flow named “PDF Password Protect”.
Step 2: Get Files in Folder
Our first step is to get all PDF files from the source folder. For this, we’ll be adding the “Get files in folder” action.
Here, we’ve done the following configurations.
| Folder | Source folder path |
| File Format | |
| Output Variable | Named as “Files” |
After the execution of this step, we’ll have a collection of all PDF files. Just like we wanted!
Step 3: Loop through All Files
Now that we have all PDF Files, we’ll be iterating through each file for further processing. For this purpose, we’ll add the “For each” loop. This can be found under the “Loops” folder.
This “For each” loop will look like this.
The configuration for this “For each” loop is as follows.
We’re selecting the parameter “Value to iterate”, with the variable “Files” (the result of the previous action). This can be done by adding the “{x}” icon on the right.
Also, we’re storing an output variable named “CurrentItem”. This “CurrentItem” will refer to the current file iteration.
Here onwards, we’ll be adding all actions within the “For each” loop itself. This variable “CurrentItem” will be used to reference the current file.
Step 4: Declare Input Variables
We’ll create two input variables.
| PDF_Password | Will be used as the password for output files. |
| PDFcoAPIKey | Refers to PDF.co API Key. This API key is essential for authenticating PDF.co requests. |
Variables can be created by clicking the round-plus icon right from the panel title.
Step 5: Invoke PDF.co Web Service to Get Presigned URL for File Upload
In this step, we’ll be calling PDF.co Endpoint “get-presigned-url” which will return the URL to file upload as well output URL. PDF.co requires a public URL of an input file in order to process them.
Since we need local PDF files to be processed, we’ll be uploading them to the PDF.co cloud. Files will be there only for a short duration and will be deleted afterward.
The action to call the rest web service is “Invoke web Service”, which is under the “HTTP” side menu.
We’ve configured this web service as below.
This is a GET request with an endpoint URL as “https://api.pdf.co/v1/file/upload/get-presigned-url”. This URL also contains a query string parameter for the file name.
Along with this, we’re passing custom header information with PDF.co API Key. Here, we’re using the input variable `PDFcoAPIKey`.
x-api-key: %PDFcoAPIKey%
Apart from this, we’re saving response to a variable named “presigned_output”.
Output stored in this variable will be in JSON format, as shown below. Output parameter “presignedUrl” contains a URL where the actual file needs to be uploaded. Whereas, the “URL” parameter refers to the PDF.co cloud public URL of the uploaded file.
{
"presignedUrl": "https://pdf-temp-files.s3.us-west-2.amazonaws.com/d3cfc1a155964e8495fe93a05afa0570/test.pdf?X-Amz-Expires=900&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIZJDPLX6D7EHVCKA/20220406/us-west-2/s3/aws4_request&X-Amz-Date=20220406T095510Z&X-Amz-SignedHeaders=host&X-Amz-Signature=b922b20c61ed12d6fc1049ad44beb103c116462b36ac09de652d850220f74243",
"url": "https://pdf-temp-files.s3.amazonaws.com/d3cfc1a155964e8495fe93a05afa0570/test.pdf",
"error": false,
"status": 200,
"name": "test.pdf",
"credits": 7,
"duration": 285,
"remainingCredits": 830573
}
Since the response stored in “presigned_output” is in JSON string format, we need to convert it to a custom object.
For that, we need to add a new action named “Convert JSON to custom object”.
In this action, we’re configuring the JSON parameter with the variable “presigned_output”.
Also, the output variable “PresignedJsonAsCustomObject” is generated.
Now, whenever we need to access a pre-signed URL response; we only need to refer to this variable. For example, to access the URL property of JSON, we can use the “PresignedJsonAsCustomObject.url” property.
Step 6: Perform Actual File Upload to the Returned Presigned URL
Now that we have the presigned URL from PDF.co, it’s time to upload the actual file to it with a PUT request. Unfortunately, Power Automate Desktop has no native action, to upload byte-array to PUT request. Hence, we need to execute the PowerShell script action which will perform file upload.
We’ll be using the “Run PowerShell script” action here, as shown below.
This action is configured to execute the following PowerShell code.
# 2. UPLOAD THE FILE TO CLOUD.
$r = Invoke-WebRequest -Method Put -Headers @{ "x-api-key" ="%PDFcoAPIKey%"; "content-type" = "application/octet-stream" } -InFile '%CurrentItem%' -Uri '%PresignedJsonAsCustomObject.presignedUrl%'
This code does file upload to a pre-signed URL using a PUT request. Interesting and powerful stuff, right?
Step 7: PDF.co API Call to Password Protect This File
Until this step, we have our input PDF file uploaded to the PDF.co server; and we already have its temporary public URL when we called GET request for a pre-signed URL. It’s time to call another PDF.co endpoint to password protect this file.
For this, we’ll be configuring another “Invoke web service” action.
Let’s see the configuration of this action.
The URL parameter is set to “https://api.pdf.co/v1/pdf/security/add”. This pdf.co endpoint adds password and other security to an input PDF document.
The method is set to “POST”, and it has accepted as well content-type parameter set to “application/json”.
We’re passing the PDF.co API key in the custom header with the following value.
x-api-key: %PDFcoAPIKey%
The request body is set to the following.
{
"url": "%PresignedJsonAsCustomObject.url%",
"ownerPassword": "%PDF_Password%",
"userPassword": "%PDF_Password%",
"EncryptionAlgorithm": "AES_128bit",
"AllowPrintDocument": false,
"AllowFillForms": false,
"AllowModifyDocument": false,
"AllowContentExtraction": false,
"AllowModifyAnnotations": false,
"PrintQuality": "LowResolution",
"encrypt": false,
"name": "output-protected.pdf",
"async": false
}
Please note, we’re setting the “URL” parameter with a pre-signed JSON object’s variable “PresignedJsonAsCustomObject.url”. Also, “ownerPassword” and “userPassword” are set to the “PDF_Password” variable.
Rest are the additional parameters such as encryption algorithm, print quality, etc. Please refer to PDF.co documentation for more information.
The important thing to note here, we’re turning off the “Encode request body” switch in advanced settings.
We’re storing the output of this action to the variable, “PasswordProtect_Response”.
This variable will contain a JSON string. The response will be in the following format.
{
"url": "https://pdf-temp-files.s3.amazonaws.com/f4ba970299d64ccfaac74fe8c72faa21/output-protected.pdf",
"pageCount": 1,
"error": false,
"status": 200,
"name": "output-protected.pdf",
"credits": 3,
"duration": 562,
"remainingCredits": 830570
}
In this response, “URL” parameter refers to the protected output file.
Next, we’ll be creating an action “Convert JSON to custom object” and create a JSON object for this variable “PasswordProtect_Response”. It’ll look like this.
Now that we’ve configured the JSON object; we can refer to the password-protected file URL with the parameter “PasswordProtect_Response_Object.url”.
Step 8: Download Returned URL
In this last step, we’ll be simply downloading the file from the output URL. We’ll be using the “Download from web” action for this.
Let’s see its configuration.
“URL” parameter is set to the variable “PasswordProtect_Response_Object.url”, which in turn contains a protected file URL.
This response is being saved to disk, and also the destination folder is specified. Upon execution of this action, it’ll save the output PDF to the destination folder.
Demo Video
For a more interactive learning session, please refer to the following video.
Summary
As we have observed, it’s that easy to consume PDF.co web API with Power Automate for desktop. PDF.co offers many more endpoints, and they can be configured in a similar way.
I hope this article is useful. Please try this on your machine! Thank you!