cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
televisi
New Member

SOLVED Connecting two custom applications using OAuth 2.0 - how secure is Power Automate?

Hi,

 

I'm building an integrations between two custom applications with Power Automate sits in the middle (through OAuth 2.0 authentication):

App A (REST API) <=> Power Automate <=> APP B (REST API)

 

The authentications between Power Automate and both apps are done through OAuth 2.0 (the bearer token timeout every 1 hour - on which I'm planning to create a scheduler that will ping both applications to maintain the connectivity/to refresh the bearer token).

 

Both systems need to transfer sensitive personal information (such as DOB, address, full name, salary, etc) and the information is provided by both applications transparently to Power Automate (as part of REST API payload response).

 

Questions:

1. Is there a way to 'encrypt' the returned data from external application? I would say no, as the returned payload are provided by external application

2. Is Power Automate a secure platform to do such integrations? I have made my Power Automate account to be MFA-enabled; I suspect that is enough to make my account secure?

 

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
yashag2255
Dual Super User II
Dual Super User II

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

View solution in original post

1 REPLY 1
yashag2255
Dual Super User II
Dual Super User II

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

View solution in original post

Helpful resources

Announcements
Process Advisor

Introducing Process Advisor

Check out the new Process Advisor community forum board!

MPA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

V3_PVA CAmpaign Carousel.png

Community Challenge - Giveaways!

Participate in the Power Virtual Agents Community Challenge

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Users online (2,328)