I am building a flow in Power Automate to generate automated reports for the Microsoft 365 tenants we manage. I have been getting stuck with permission issues despite doing all the back-end steps required to read in the tenants' alerts, secure score and a few other parameters. Would like to seek help from someone who has experience doing this.
Power Automate flows don’t automatically inherit Lighthouse/GDAP access. Even if you can see the data in Lighthouse, the flow needs to run using an Azure AD app (service principal) with Microsoft Graph Application permissions and admin consent, and that app must be explicitly included in the GDAP role assignment for each managed tenant.
Best practice is to use HTTP with Azure AD in Power Automate, authenticate via the app (client credentials), and query Graph directly (e.g., Secure Score, alerts). Standard M365 connectors and delegated permissions usually fail in cross-tenant Lighthouse scenarios.
✅ If this answer helped resolve your issue, please mark it as Accepted so it can help others with the same problem.
👍 Feel free to Like the post if you found it useful.
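An added example, not part of the reply above and not Microsoft's code: a Python sketch of the client-credentials token request the reply describes, plus a check of the returned token's `tid` and `roles` claims to show which report calls would be refused before the flow runs. The Graph paths and the permission names `SecurityEvents.Read.All` and `SecurityAlert.Read.All` are not named in the thread, and the function names, tenant ID and token are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlencode

GRAPH = "https://graph.microsoft.com/v1.0"
# Graph call -> application permission it needs (assumed; not named in the thread).
REPORT_CALLS = {
    f"{GRAPH}/security/secureScores?$top=1": "SecurityEvents.Read.All",
    f"{GRAPH}/security/alerts_v2": "SecurityAlert.Read.All",
}

def token_request(tenant_id, client_id, client_secret):
    """Return (url, form_body) for the OAuth 2.0 client-credentials grant."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
    })
    return url, body

def token_claims(access_token):
    """Decode the JWT payload for inspection only; the signature is not verified."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def blocked_calls(access_token, tenant_id):
    """List (url, reason) for every report call this token cannot make."""
    claims = token_claims(access_token)
    if claims.get("tid") != tenant_id:
        return [(url, "token issued for another tenant") for url in REPORT_CALLS]
    roles = set(claims.get("roles", []))
    return [(url, f"missing role {role}")
            for url, role in REPORT_CALLS.items() if role not in roles]

def _constructed_token(claims):
    """Build an unsigned sample token; constructed test data, not a real token."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

SAMPLE_TENANT = "00000000-0000-0000-0000-000000000001"  # constructed placeholder
SAMPLE_TOKEN = _constructed_token({"tid": SAMPLE_TENANT, "roles": ["SecurityEvents.Read.All"]})

if __name__ == "__main__":
    print(token_request(SAMPLE_TENANT, "<client-id>", "<client-secret>")[0])
    for url, reason in blocked_calls(SAMPLE_TOKEN, SAMPLE_TENANT):
        print(url, "->", reason)
```

An empty or absent `roles` claim in a token obtained this way means no application permission has been consented for the app in that tenant, which a 403 from Graph alone does not tell you.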