web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Enforce DLP for Power ...
Power Automate
Answered

Enforce DLP for Power Automate desktop for private MS account

(0) ShareShare
ReportReport
Posted on by leo85 617

Hi,

I'm trying to find out if it is possible to block certain actions in Power Automate Desktop for a whole PC.

DLP policies for Power Automate Desktop are currently in public preview. If I log in to my work account with Power Automate Desktop the policy is being enforced.

But if I can still sign in to PA Desktop with my private MS account, in which case the policy is not enforced. So we have the potential problem that DLP policies are not enforceable for all users, since users can simply create a private MS account and log into Power Automate Desktop with that account. Afterwards they will still have access to all resources on the machine, but without a DLP in place.

 

Is there a way to enforce the DLP policy for all flows on a computer and not only for the signed in user?

 

Best Regards

Categories:
Power Automate Desktop
I have the same question (0)
  • Verified answer
    Pstork1 Profile Picture
    Pstork1 69,129 Most Valuable Professional on at

    Those DLP polices are stored in your Power Platform environment.  When a Microsoft account logs in to Power Automate Desktop then don't have access to the Power Platform environments in your tenant.  Their flows are stored in consumer OneDrive (not OneDrive for Business). That's why the policies don't apply.  However there is a registry key that can be set on a machine that prevents people from logging in to PAD with a Microsoft account.  In that way the DLP policy will always apply.  You can read about it here: Governance in Power Automate - Power Automate | Microsoft Docs

  • leo85 Profile Picture
    leo85 617 on at

    Hi @Pstork1 ,

    thanks for the answer. Just for clarification: If I set that registry key, users cannot sign in to PAD with the private MS account, but they can still sign in with their work or school account. Is that correct?

  • Pstork1 Profile Picture
    Pstork1 69,129 Most Valuable Professional on at

    Correct.  That registry key just blocks users from logging in with MS accounts, not Organizational accounts.  The registry key would need to be set on each machine.  That can normally be done using Group policies in your Domain.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the March Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Haque Profile Picture

Haque 605

#2
Valantis Profile Picture

Valantis 340

#3
11manish Profile Picture

11manish 284

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Question for everyone : How are you using Create Text GPT in AI Builder?
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans