Skip to main content

Notifications

Community site session details

Community site session details

Session Id :
Power Automate - Building Flows
Unanswered

CAS Policy automate - impossible travel activity.

Like (0) ShareShare
ReportReport
Posted on 29 Apr 2020 10:10:36 by

Hi,

I want to automate cloud app security policies to take specific action when an alert is generated.  For instance I want to create a policy and automate it to ask users to reset their passwords when their account is flagged for "impossible travel" activity" or multiple logins attempts from different geographical locations.

I have looked at using power automate but I cannot see it taking the above action, unless I'm missing something.  I can get it to send an email alert to admins.

 

I would welcome any suggestions or pointers.

Thank you.

  • F1NN Profile Picture
    2 on 15 Jun 2020 at 08:25:22
    Re: CAS Policy automate - impossible travel activity.

    At Ignite on Tour Amsterdam last year i saw a demonstration connecting CASB to a Azure Runbook via a Flow to accomplish this.

    The case then was, when CASB has a impossible travel alert, start the flow.. kick of a Azure Runbook > check the mailbox of the specific user for an active Out of Office rule > Let Flow use the output of the job > if the rule was found, close the alert, if not found then post a message in teams.

     

    I remember the presenter saying that the demo would be available after, but i haven't been able to find it.

    Connecting flow to Azure Automation however is documented:
    https://danielchronlund.com/2018/11/18/start-your-azure-automation-powershell-runbook-with-a-microsoft-flow-button/
    https://docs.microsoft.com/en-us/azure/automation/start-runbooks

     

  • alrezac Profile Picture
    on 01 May 2020 at 13:25:49
    Re: CAS Policy automate - impossible travel activity.

    Hi,

     

    The issue with this is that webhooks typically trigger with some kind of data update and unless we already have a trigger set up to monitor for that data change it will be hard to integrate this into flow if not impossible. It might be possible to set up an HTTP request to send when an account if flagged but I have no idea how that would work on the non-flow side. I would suggest opening a case with Microsoft Support to help take a look into this, I'll include a link below. Otherwise if any other communities members might have set this up before feel free to pitch in.

     

    Regards,

     

    Alex

     

    -------

     

    Community Support Team _ Alex Rezac
    If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Understanding Microsoft Agents - Introductory Session

Confused about how agents work across the Microsoft ecosystem? Register today!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Congratulations to the April Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard > Power Automate - Building Flows

#1
stampcoin Profile Picture

stampcoin 31

#2
Churchy Profile Picture

Churchy 20

#3
Michael E. Gernaey Profile Picture

Michael E. Gernaey 18 Super User 2025 Season 1

Overall leaderboard
Loading started