cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
televisi
Regular Visitor

SOLVED Connecting two custom applications using OAuth 2.0 - how secure is Power Automate?

Hi,

 

I'm building an integrations between two custom applications with Power Automate sits in the middle (through OAuth 2.0 authentication):

App A (REST API) <=> Power Automate <=> APP B (REST API)

 

The authentications between Power Automate and both apps are done through OAuth 2.0 (the bearer token timeout every 1 hour - on which I'm planning to create a scheduler that will ping both applications to maintain the connectivity/to refresh the bearer token).

 

Both systems need to transfer sensitive personal information (such as DOB, address, full name, salary, etc) and the information is provided by both applications transparently to Power Automate (as part of REST API payload response).

 

Questions:

1. Is there a way to 'encrypt' the returned data from external application? I would say no, as the returned payload are provided by external application

2. Is Power Automate a secure platform to do such integrations? I have made my Power Automate account to be MFA-enabled; I suspect that is enough to make my account secure?

 

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
yashag2255
Dual Super User II
Dual Super User II

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

View solution in original post

1 REPLY 1
yashag2255
Dual Super User II
Dual Super User II

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

Helpful resources

Announcements
MPA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

Learn to digitize and optimize business processes and connect all your applications to share data in real time.

New Process Advisor Capabilities carousel.png

Read the blog for the latest news

Read the latest about new experiences and capabilities in the Power Automate product blog.

PA Survey Carousel Image.png

We want to hear from you!

If you are a small business ISV/Reseller, share your thoughts with our research team.

AI Builder AMA June 7th carousel (up on May 25th, take down June 8th) (1).png

'Ask Microsoft Anything' about AI Builder!

The AI Builder team invite you to ask questions and provide helpful answers at our next AMA.

Users online (1,430)