cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
televisi
New Member

SOLVED Connecting two custom applications using OAuth 2.0 - how secure is Power Automate?

Hi,

 

I'm building an integrations between two custom applications with Power Automate sits in the middle (through OAuth 2.0 authentication):

App A (REST API) <=> Power Automate <=> APP B (REST API)

 

The authentications between Power Automate and both apps are done through OAuth 2.0 (the bearer token timeout every 1 hour - on which I'm planning to create a scheduler that will ping both applications to maintain the connectivity/to refresh the bearer token).

 

Both systems need to transfer sensitive personal information (such as DOB, address, full name, salary, etc) and the information is provided by both applications transparently to Power Automate (as part of REST API payload response).

 

Questions:

1. Is there a way to 'encrypt' the returned data from external application? I would say no, as the returned payload are provided by external application

2. Is Power Automate a secure platform to do such integrations? I have made my Power Automate account to be MFA-enabled; I suspect that is enough to make my account secure?

 

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
yashag2255
Dual Super User II
Dual Super User II

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

View solution in original post

1 REPLY 1
yashag2255
Dual Super User II
Dual Super User II

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

View solution in original post

Helpful resources

Announcements
MPA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

MBAS on Demand

Microsoft Business Applications Summit sessions

On-demand access to all the great content presented by the product teams and community members! #MSBizAppsSummit #CommunityRocks

MBAS Attendee Badge

Claim Your Badge & Digital Swag!

Check out how to claim yours today!

secondImage

Are Your Ready?

Test your skills now with the Cloud Skill Challenge.

Top Solution Authors
Users online (70,904)