Showing results for 
Search instead for 
Did you mean: 

Security - restrict HTTP - Request trigger by IP address, tenant, group, users

I want to secure my flows by restrict IP address, tenant, group, users for HTTP - Request trigger.


My scenario:

1. Restrict in my company ipaddress to use my flows which trigger by HTTP - Request.

2. Restrict in my users of our Office 365 group to use my flows which the trigger by HTTP - Request and use from SharePoint - Flow menu.



Current, Anyone who know HTTP POST URL of the trigger, can use our Flows.

At SharePoint, When create Flow by template 'Complete a custom action for the selected item', the new flow by trigger HTTP - Request, and can use anyone who know HTTP POST URL.



Yoshihiro Kawabata





Status: Under Review

Thank you for the idea, we will evaulate this.

Level: Power Up

Has there been any update on this item? as security is the key to start using this action actively

Level: Power Up

Almost a year under review?! What's going on here?

@Stephen: When will this continue? Are there any news here?


We really need to have a secure solution for using HTTP requests within Flow...