cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
televisi
Regular Visitor

SOLVED Connecting two custom applications using OAuth 2.0 - how secure is Power Automate?

Hi,

 

I'm building an integrations between two custom applications with Power Automate sits in the middle (through OAuth 2.0 authentication):

App A (REST API) <=> Power Automate <=> APP B (REST API)

 

The authentications between Power Automate and both apps are done through OAuth 2.0 (the bearer token timeout every 1 hour - on which I'm planning to create a scheduler that will ping both applications to maintain the connectivity/to refresh the bearer token).

 

Both systems need to transfer sensitive personal information (such as DOB, address, full name, salary, etc) and the information is provided by both applications transparently to Power Automate (as part of REST API payload response).

 

Questions:

1. Is there a way to 'encrypt' the returned data from external application? I would say no, as the returned payload are provided by external application

2. Is Power Automate a secure platform to do such integrations? I have made my Power Automate account to be MFA-enabled; I suspect that is enough to make my account secure?

 

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

View solution in original post

1 REPLY 1

Hi @televisi 

 

It is pretty secure as the security is already enabled on who can access the flow (based on folks you have shared this with). To avoid users from viewing the data in run history, you can modify the settings on the action by clicking the ... on the top right on the action and enable secure inputs and secure outputs: 

yashag2255_0-1602778446510.png

 

Hope this Helps!

 

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

Helpful resources

Announcements
Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Community Calls Conversations

Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

Users online (5,552)