Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities - Lets Get Started!
May 14th | Power Platform Community AMA: Power Apps Edition
News and Announcements icon
Community site session details

Community site session details

Session Id : LBVgNh5nEhsFJ8LM8py+d1
Power Platform Community / Forums / Power Automate - Using Flows / Setting up Service Acc...
Power Automate - Using Flows
Unanswered

Setting up Service Accounts with Multi factor authentication

Like (0) ShareShare
ReportReport
Posted on 10 Dec 2021 21:18:12 by westerdaled 616

 

I want to set up a service acount linked to one or more connection references in a solution. Also make the service account owner of  a  number of Power Apps.  I believe I can still have MFA enbled for the account. 

 

 

I want to review the Token Lifetime policies wrt to setting up a service account for Power Automates. After reading  at https://support.microsoft.com/en-us/topic/recommendations-for-conditional-access-and-multi-factor-authentication-in-microsoft-flow-15e7e8bc-1106-2e89-899b-7c292fbf1736 , I am more confused. Hence, I have these questions

 

1) Do we avoid checking the Remember Mulifactor Authentication in Office 365 

Rememer MFA Authentication unchecked.png

 

2) If 1) then do we have to set the token lifetime via AD Policy or do simply set up MFA via Security->Conditional Access in Azure AD and use the defaults listed under Recommended token lifetime settings after MFA is enabled in the above article

 

On my dev tenant I tried to configure the policy but didn't get very far.

 

 

 

 

 

 

 

Install-Module AzureADPreview
Connect-AzureAD
# does return anything 
Get-AzureADPolicy 

# my attempt to set up a policy
New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxAgeMultiFactor":"until-revoked","MaxAgeSessionMultiFactor":"14.00:00:00"}}') -DisplayName "DefaultPolicyScenario" -IsOrganizationDefault $true -Type "TokenLifetimePolicy"
New-AzureADPolicy : Error occurred while executing NewPolicy
Code: Request_BadRequest
Message: Configure Token Lifetime for RT/ST (Refresh/Session Token) is retired and all policies will not be honored
anymore Refer https://go.microsoft.com/fwlink/?linkid=2153669 for more information
InnerError:
 RequestId: 681e3985-3890-4734-8d5a-49a4aa8c0591
 DateTimeStamp: Fri, 10 Dec 2021 14:05:59 GMT
HttpStatusCode: BadRequest
HttpStatusDescription: Bad Request
HttpResponseStatus: Completed
At line:1 char:2
+ New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 + CategoryInfo : NotSpecified: (:) [New-AzureADPolicy], ApiException
 + FullyQualifiedErrorId : Microsoft.Open.MSGraphBeta.Client.ApiException,Microsoft.Open.MSGraphBeta.PowerShell.New
 Policy

 

 

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities - Lets Get Started!
May 14th | Power Platform Community AMA: Power Apps Edition

Quick Links

🌸 Community Spring Festival 2025 Challenge Winners! 🌸

Congratulations to all our community participants!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Congratulations to the April Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard > Power Automate - Using Flows

#1
stampcoin Profile Picture

stampcoin 24

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 13 Super User 2025 Season 1

#3
Expiscornovus Profile Picture

Expiscornovus 9 Most Valuable Professional

Overall leaderboard

Featured topics

Restore a deleted flow

Product updates

Microsoft Power Platform Community release plans