cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
downwardCorgi
Level: Powered On

Do I need to make a service account for company-wide flows?

I'm configuring approval flows for everyone in my company.

For the Sharepoint connections, should I use my account? Or make a service account and use that?

I don't think MFA is a problem, I can use Conditional Access to bypass this easily.

 

If I use a service account, does a person need to log in as this account every 14 days or something?

 

Also, has anyone tried using Conditional Access to block the service account from being logged into while allowing the Flow connections to work? When I block everything for the connection user, flow doesn't run anymore. When I disable the policy, it starts working. When I block everything except for Flow and Sharepoint, it still does not work. If I could get this to work, even if somebody got ID/password for this service account, they won't be able to do anything. They might login to Flow admin directly but I can lock this down using Trusted IPs for Flow connections.

3 REPLIES 3
joef
Level: Powered On

Re: Do I need to make a service account for company-wide flows?

If you use your account everything FLOW does will come from you. 

I created an O365 user for all my FLOWs, I had my Ad guys set it so the password does not expire.   I have many FLOWs that create Outlook calender events, and Planner tasks.  My calender was filling up so I had to find another solution which is this account. 

 

As far as logging in every 14 days, I am not aware of having to do that, but I do log in as the Account to change the owner of FLOW tasks, so I am not the one doing everything,  and when they decide to throw me outta here they can continue to use the FLOWs 🙂

Never thought about conditional access, I am the only one at this point that knows the password...

 

Hope this helps,

Joe

Highlighted
downwardCorgi
Level: Powered On

Re: Do I need to make a service account for company-wide flows?

Are you saying you login to the Flow admin page frequently so you're not sure if it's true that tokens expires in 14 days?

joef
Level: Powered On

Re: Do I need to make a service account for company-wide flows?

Well, I log into a PC as the service account, and change the connections of all tasks in my FLOWs so they go from that account not mine. 

 

Not sure if thats the reason the tokens never expire on me. 

I wasn't aware of the expiration, so i guess ignorance is bliss in this case LOL

 

Joe

Helpful resources

Announcements
firstImage

Power Platform Online Conference

Speakers, submit your sessions now! Call for speakers ends Feb. 10!

firstImage

New & Improved Power Automate Community Cookbook

We've updated and improved the layout and uploading format of the Power Automate Cookbook!

thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

firstImage

Incoming: New and improved badges!

We've given our badges an overhaul and also added some brand new ones!

fifthimage

Microsoft Learn

Learn how to build the business apps that you need.

sixthImage

Power Platform World Tour

Find out where you can attend!

seventhimage

Webinars & Video Gallery

Watch & learn from the Power Automate Community Video Gallery!

Top Kudoed Authors (Last 30 Days)
Users online (4,618)