We are after some best practise guidance for managing Flow connections. I have read few suggestions to use a 'service account' rather than 'personal credentials' when creating Flow. This seems to be a sensible solution e.g. consider the implications of a user with Global Admin rights creating a Flow having connections that use their own credentials.
However, we have some questions as below. Could anybody who use a service account today share their experience as whether it's been good solution.
- Using a service account comes with additional cost as account itself would require O365 license. I am thinking at least an E3 license to provide the service account access to SharePoint (to update list items) and Exchane Online (for ability to send emails).
- One service account used across many Flows would end up with many permissions e.g. A service account having permissions to many different SharePoint sites.
- How multi-factor authentication would apply to this Service Account. Would this account need to bypass MFA.
