cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Jeogr
New Member

Power automate and flow and .... not authorized send as ...

Dear,

I am currently wotking on flows that are allowed by MS Power automate.
it is very nice to be honest and easy to use.

The purpose of the flow is the following :
- a user is filling out a Forms
- when the forms is completed the flow is sending an email to a specific email address.
- important : this flow is generated from my personal email address (not the one that has admin rights)

Why this flow ?
- this is a good way to i.e : open a ticket in a ticket system, send a mail to another team and ... so ...

The issue:
- I have two accounts (one with admin rights and one more common) but in all cases if the sender from the V2 address is the mail of the person who has filled out the forms, my flow is not working "I do not have the right to send a mail on behalf of" -> because my account is "linked to the flow" is trying to send a mail on behalf of another person (the person who just filled out the forms"

Why i insist on the fact that I want to send the mail from the forms responder email ?
- for example for an IT intervention the purpose is that this forms is send to a dedicated email address linked to our ticketing system. But if the "from" is not the person who is having the issue, the ticket will not be created on the name of that person.

 

In terms of privacy I think it is not suitable to give to my own "more common" email account or my admin account the full persmission or the send as or send on behalf authorization on all mailbox of the company ... as I will have the possibility to read the email address of all users (which is not fair and logical)

What would be the best pratice in that case ?
Is there a workaround for that ?

I hope you understand clearly my demand and hope that you will provide me with a nice answer or alternative to solve my issue.

 

Thank you in advance for you attention.

Kind regards,

Joffrey

9 REPLIES 9
Pstork1
Dual Super User III
Dual Super User III

Since you want the email to come from the address of the person who fills out the form, your only option is to build the flow using an account that has "Send As" or "Send on Behalf of" permission to that mailbox.  There is no workaround.  The only other option is to use a service account to build the flow and send the email from that generic email address.  That account would need to have both a mailbox and a Power Automate license.  That's probably the most common approach.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.
Jeogr
New Member

Thank you for your answer.

 

maybe can we think more collaborative in that case.

Do you think it is possible to grant to a shared mailbox :

- The service account rights

- The possibility to send email on behalve of ?

 

It is just a question .... but it would be a good deal (but again .... i thik it is too easy 🙂

 

Kind regards,

 

Joffrey

 

 

 

Pstork1
Dual Super User III
Dual Super User III

Yes you could give the service account rights to a shared mailbox and send the emails from there using the service account.  However, be aware that most of the actions are specific to either a regular mailbox or a shared mailbox.  So you'll need to use the shared mailbox actions.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.
Jeogr
New Member

humm ok nice to read that.

Maybe you will think i am a bit "noob" in that world but i really prefer to understand.

A shared mailbox  (by definition) has no "real account" so how to identify on Power Automate ?

Next to that I have another question regarding giving the service rights to that shared mailbox ....

Will these rights be replicated to all people that have the authorization to access it ? I mean by delegation ?

 

I want to make sure that there is no privacy issue at the end of this adaptation, change ....

Pstork1
Dual Super User III
Dual Super User III

The shared mailbox is just an email address, but anyone who has access to it will be able to read or send messages from that mailbox.  So if you set up a service account to run the flow and give that account access to the shared mailbox it will be able to send mail from that address.  Since there won't be any incoming mail or anyone else who needs access there's no privacy issue. Who else would have access to the mailbox by delegation?

 

You could do the same thing by just giving the service account a regular mailbox. But you had mentioned using a shared mailbox. In this case there is no real benefit from the shared mailbox.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

I tried wat you have suggested by I really think that i have missed something :

 

Jeogr_0-1617889449731.png

is there someting that needs to be added ?

I have added my account into the members

Also the flow are created from my account.

 

But I still get a error 403 (not authorized to send on behalve of )

 

Shall i have to add new rights  ?

 

Again thank you for your support.

 

 

Pstork1
Dual Super User III
Dual Super User III

If you use a service account you don't need to do any impersonation.  Just log in as the service account and create the flow using that account.  Make sure the service account has both a license to use Power Automate and a mailbox.  Mail sent by the flow will then come from that mailbox.  No impersonation required.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Sorry I was a bit busy with some other tasks.

 

 you said : Mail sent by the flow will then come from that mailbox.  No impersonation required.

 

So this means that when the flow will generate the content and send it to our Jira Service Management the "from" of the email will be that email address ? and not the email address of the user ?

 

If this is the case I still have an issue :

- for the user it should simply be : fill out the forms and then wait the notification from our Jira that a ticket has been opened on your name.

 

also i am still having issue to generate a service account ... or maybe i do not find the way too ...

Pstork1
Dual Super User III
Dual Super User III

Yes, the From of the email will be the Service account email address.

 

For the From to be the user submitting the form the account that is running the flow must have "Send As" or "Send on Behalf of" permission to the user's mailbox that will be used in the From.  There is no other way.

 

In this case a service account is just a regular user account that has licensing, but that is only used for the purpose of creating and running the flows.  



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

Helpful resources

Announcements
Process Advisor

Introducing Process Advisor

Check out the new Process Advisor community forum board!

MPA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

V3_PVA CAmpaign Carousel.png

Community Challenge - Giveaways!

Participate in the Power Virtual Agents Community Challenge

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Carousel April Dunnam Updated 768x460.jpg

Urdu Hindi D365 Bootcamp

Dont miss our very own April Dunnam’s The Developer Guide to the Galaxy! Find out what the Power Platform has to offer for the traditional developer.

Users online (2,040)