Hi there. So the current power automate approval process, will send out an email or a ms teams notification for the approver to review and approve the request.
I want find out on power automate, how can i use a authenticator or MFA to approve the approval request. By this way, its more secure by verifying the approver fingerprint or otp code. So the notification can still come via email or ms teams, when the approver click on the approved button, then a request is send out to a authentication service or app to approve.
Is this possible or work around. If yes how is it done.
Hi @Shabeersa ,
Do you really need that , as you are already sending notification to mail and Teams which someone access after proper authentication only ?
I do not see any need for MFA again for approvals only .
If you can explain why you are thinking MFA should be required again before approving/rejects the requests ? may be we can check further on it
Thank you for your email, the reason why i am looking for MFA with the power automate approval, MFA has more security and access level, like fingerprint if authenticator on mobile device, MFA can even be one time pin sms or verify you can the actual approval.
The other reason to get the outcome as a digital signature proof if audit is required. Or is there only a power automate approval mobile app available
That is the reason
As mentioned earlier , Approval sends notification to Teams/Email for you to approve which you would have already logged in by using the applied security set by your Organization MFA + User-Password based authentication .
As the notification is sent already to secured logged in user applications Teams/Email . Users can directly approve it from there . Other option is they can log in to Power Automate portal log in again and approve the request .
According to me adding another MFA for approval (If MFA only for Approvals is allowed) here is an unnecessary overhead .
The digital proof of approval is approved via mail/teams and the approval history is available whoever sent the approval and whoever received it as well . If you want to store those separately you can create custom tables and stores the approvals and rejections .
I don't think any specific mobile app for Flow approval is there .
Hi @rakadakaka ,
We also have the same need. To your question, that is because that we want to ensure this approval is not by someone who use other people's laptop (e.g. someone forgets to log-out or leaves the desk without closing the laptop). Therefore, adding a MFA step will increase the integrity of the approval message --- we want to make sure that is exactly the approver who perform the activity, even the system has been log-in.
So, back to the question, could we add an MFA step or ask people to log in specific for this approval step? Thanks!