I want to set up a service account linked to one or more connection references in a solution. Also make the service account owner of a number of Power Apps. I believe I can still have MFA enabled for the account.
I want to review the Token Lifetime policies with respect to setting up a service account for Power Automates. After reading https://support.microsoft.com/en-us/topic/recommendations-for-conditional-access-and-multi-factor-authentication-in-microsoft-flow-15e7e8bc-1106-2e89-899b-7c292fbf1736, I am more confused. Hence, I have these questions:
1) Do we avoid checking the Remember Multifactor Authentication in Office 365?
2) If 1), then do we have to set the token lifetime via AD Policy, or do we simply set up MFA via Security->Conditional Access in Azure AD and use the defaults listed under Recommended token lifetime settings after MFA is enabled in the above article?
On my dev tenant I tried to configure the policy but didn't get very far.
Install-Module AzureADPreview
Connect-AzureAD
# does return anything
Get-AzureADPolicy
# my attempt to set up a policy
New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxAgeMultiFactor":"until-revoked","MaxAgeSessionMultiFactor":"14.00:00:00"}}') -DisplayName "DefaultPolicyScenario" -IsOrganizationDefault $true -Type "TokenLifetimePolicy"
New-AzureADPolicy : Error occurred while executing NewPolicy
Code: Request_BadRequest
Message: Configure Token Lifetime for RT/ST (Refresh/Session Token) is retired and all policies will not be honored
anymore Refer https://go.microsoft.com/fwlink/?linkid=2153669 for more information
InnerError:
RequestId: 681e3985-3890-4734-8d5a-49a4aa8c0591
DateTimeStamp: Fri, 10 Dec 2021 14:05:59 GMT
HttpStatusCode: BadRequest
HttpStatusDescription: Bad Request
HttpResponseStatus: Completed
At line:1 char:2
+ New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureADPolicy], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.MSGraphBeta.Client.ApiException,Microsoft.Open.MSGraphBeta.PowerShell.New
Policy
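The error above says that refresh and session token lifetime settings are retired. As an added example (not part of the original post and not Microsoft's code), the following checks a policy definition for those settings before it is submitted; the function name `Test-TokenLifetimeDefinition` is hypothetical, and the list of retired property names is an assumption based on Microsoft's configurable token lifetime documentation.

```powershell
# Added example. Assumption: these are the refresh/session token properties
# that Azure AD no longer honors in a TokenLifetimePolicy definition.
$RetiredProperties = @(
    'MaxInactiveTime',
    'MaxAgeSingleFactor',
    'MaxAgeMultiFactor',
    'MaxAgeSessionSingleFactor',
    'MaxAgeSessionMultiFactor'
)

# Hypothetical helper: parses a policy definition and separates retired
# properties from the ones that remain.
function Test-TokenLifetimeDefinition {
    param(
        [Parameter(Mandatory)]
        [string] $Definition
    )

    $parsed = $Definition | ConvertFrom-Json
    $policy = $parsed.TokenLifetimePolicy
    if ($null -eq $policy) {
        throw 'Definition has no TokenLifetimePolicy object.'
    }

    $names   = @($policy.PSObject.Properties.Name)
    $retired = @($names | Where-Object { $_ -in $RetiredProperties })

    [pscustomobject]@{
        Retired    = $retired
        Remaining  = @($names | Where-Object { $_ -notin $RetiredProperties })
        HasRetired = $retired.Count -gt 0
    }
}

# The definition string from the post above.
$definition = '{"TokenLifetimePolicy":{"Version":1,"MaxAgeMultiFactor":"until-revoked","MaxAgeSessionMultiFactor":"14.00:00:00"}}'

$result = Test-TokenLifetimeDefinition -Definition $definition
if ($result.HasRetired) {
    Write-Warning ('Retired refresh/session token properties: ' + ($result.Retired -join ', '))
}
$result
```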