Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Azure MFA and Flow (Power Automate)

Brass Contributor

Has anyone successfully managed to implement Azure MFA without adversely affecting Flow (Power Automate)?

 

The Microsoft Support article "Recommendations for conditional access and multi-factor authentication in Microsoft Flow" (https://support.microsoft.com/en-gb/help/4467879/conditional-access-and-multi-factor-authentication-...) refers to the Configurable Token Lifetimes which look as if that would work. However, following the link from that article to further information ("Configurable token lifetimes in Azure Active Directory (Preview)" - https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-...) then says that:

 

After May 1, 2020 you will not be able to use Configurable Token Lifetime policy to configure session and refresh tokens. You can still configure access token lifetimes after the deprecation.

 

Instead, they will be replaced by authentication session controls in Conditional Access.

 

So the question is: how now should we be configuring MFA via Conditional Access policies so that Flow is not adversely affected? 

4 Replies
Has anyone found a solution to this? We've noticed a similar issue after rolling out MFA. It would be great if there was some up to date guidance on the best way to utilise MFA with Power Automate. In large companies where many users have setup workflows, enforcing MFA has the potential to cause quite a bit of disruption.

@Max Goss any update? We have the same problem.

@MarkusDi any update? We have the same problem.

@lelMARKO no. Because of "Session controls" we have to reauthenticate every 30 days.