Logic App integration fails to trigger on IoT Hub Event Grid events after policy update

IoT Microsoft Azure IoT
, , , , , , , ,
1

We set up a Logic App to trigger on device telemetry events from IoT Hub via Event Grid, but it’s not firing at all. The Event Grid subscription shows as active, but when I check the Logic App run history, there are zero triggers in the past week even though we’re sending thousands of telemetry messages daily. I’ve verified the Event Grid subscription setup and the Logic App endpoint is registered correctly, but something in our integration policy restrictions might be blocking the webhook calls.


Event Grid Subscription: active
Logic App Trigger: EventGridTrigger
Endpoint validation: passed
Events delivered: 0

The webhook endpoint responds correctly when I test it manually. Anyone experienced Logic Apps not receiving Event Grid events from IoT Hub after policy updates?

2

First thing to check: are you filtering for the right event types in your Event Grid subscription? IoT Hub publishes several event types, and if your filter is too specific, you might be missing the events you care about.

3

The event type filter is set to ‘Microsoft.Devices.DeviceTelemetry’ which should be correct. Schema is Event Grid schema. But I just noticed the subject filter is set to ‘/devices/*’ - could that be the issue?

4

The subject filter looks fine for device telemetry. The real issue might be that device telemetry events aren’t routed through Event Grid by default in IoT Hub. You need to explicitly configure a route in IoT Hub that sends telemetry to the Event Grid endpoint. Without that route, Event Grid never receives the events to forward to your Logic App.

5

Also check if your integration policy is blocking outbound webhooks from Event Grid. Some enterprise policies restrict Event Grid from calling external endpoints for security reasons. You might need to add your Logic App’s webhook URL to an allowlist in the policy.

6

This is a common misconfiguration. Let me break down the complete solution addressing all three focus areas:

Event Grid Subscription Setup: The fundamental issue is that IoT Hub device telemetry events don’t automatically flow through Event Grid - only device lifecycle events (created, deleted, connected, disconnected) do by default. For telemetry, you need a different approach:

  1. Event Grid is NOT the right path for device telemetry at scale. It’s designed for device lifecycle events.
  2. For telemetry, use IoT Hub message routing to Event Hubs, then trigger Logic Apps from Event Hubs.

If you really need Event Grid for telemetry (not recommended for high volume), you must:

{
  "routes": [
    {
      "name": "TelemetryToEventGrid",
      "source": "DeviceMessages",
      "condition": "true",
      "endpointNames": ["EventGridEndpoint"],
      "isEnabled": true
    }
  ]
}

But this requires a custom Event Grid endpoint in IoT Hub, which is different from the built-in Event Grid integration.

Logic App Endpoint Registration: Your Logic App endpoint validation passed, which is good, but you need to verify the subscription filters are correct. Update your Event Grid subscription:


az eventgrid event-subscription create \
  --name iot-telemetry-to-logic \
  --source-resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Devices/IotHubs/{hub} \
  --endpoint-type webhook \
  --endpoint https://{logic-app-url} \
  --included-event-types Microsoft.Devices.DeviceTelemetry \
  --subject-begins-with /devices/

However, as I mentioned, ‘Microsoft.Devices.DeviceTelemetry’ is NOT a built-in Event Grid event type for IoT Hub. The actual built-in types are:

  • Microsoft.Devices.DeviceCreated
  • Microsoft.Devices.DeviceDeleted
  • Microsoft.Devices.DeviceConnected
  • Microsoft.Devices.DeviceDisconnected

For telemetry, you need to use IoT Hub’s message routing feature instead.

Integration Policy Restrictions: Your integration policy might be blocking the webhook, but more importantly, it might be blocking the IoT Hub route creation. Check these policy settings:

  1. Verify Event Grid has permission to receive events from IoT Hub:

    • IoT Hub needs ‘Microsoft.EventGrid/eventSubscriptions/write’ permission
    • Your service principal needs this at the IoT Hub scope

  2. Check if webhook URLs are restricted:

    • Some policies block external webhook calls
    • Add Logic App URL to policy allowlist if restricted

  3. Review network policies:

    • If IoT Hub is in a VNet, ensure Event Grid can reach it
    • Logic App webhook must be accessible from Event Grid’s IP range

Recommended Solution: Instead of Event Grid for telemetry, use this architecture:

  1. Create an Event Hubs namespace and hub
  2. Configure IoT Hub message routing:

az iot hub route create \
  --hub-name {hub} \
  --route-name TelemetryToEventHub \
  --source DeviceMessages \
  --endpoint-name EventHubEndpoint \
  --enabled true

  1. Update Logic App trigger to use Event Hubs instead of Event Grid:

    • Change trigger type to ‘When events are available in Event Hub’
    • Configure Event Hub connection
    • Set consumer group (use dedicated consumer group for Logic Apps)

  2. If you must use Event Grid (for lifecycle events), ensure your subscription filters match actual event types:

{
  "filter": {
    "includedEventTypes": [
      "Microsoft.Devices.DeviceConnected",
      "Microsoft.Devices.DeviceDisconnected"
    ],
    "subjectBeginsWith": "/devices/",
    "subjectEndsWith": ""
  }
}

The zero events delivered suggests either:

a) Wrong event type filter (trying to subscribe to telemetry via Event Grid)

b) Missing IoT Hub route configuration

c) Policy blocking Event Grid subscription creation

Check Event Grid metrics in Azure Monitor to see if events are being published but not delivered. If events aren’t even being published, the issue is in IoT Hub routing, not the Logic App endpoint.