Conditional Access, Require Compliant, but Allow connections from Microsoft Flow

JayBee2 6 Reputation points
2020-10-30T08:21:40.707+00:00

Hi, I'm hoping to get some tips on Conditional access.

We would like to allow only "compliant devices" (Intune) to be able to access "Office 365 Sharepoint Online". This can simply be done by going in the sharepoint admin center and switch "unmanaged devices" to "Allow limited, web-only access".

Due to the fact that we have a RDS environment I've excluded a IP from that policy. That works fine.

We would like our users to be able to use Microsoft Flow (Power Automate) for sharepoint.
I'm not sure how/if we are able to exclude Power Automate from the conditional access policy. Can this be done?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,783 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Eswar Koneti 2,201 Reputation points
    2020-10-30T15:51:57.967+00:00

    is this something that can help you? https://janbakker.tech/use-power-automate-as-your-ca-police-department/

    Regards,
    Eswar
    www.eskonr.com
    If the response is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

  2. JayBee2 6 Reputation points
    2020-10-30T16:31:38.547+00:00

    Thank you for that link. It doesn not apply though. The link automates exclusions for conditional access using Microsoft Flow.
    I would need a way to exclude microsoft flow from a conditional access policy.

    0 comments No comments

  3. JayBee2 6 Reputation points
    2020-11-02T20:18:00.833+00:00

    Just found that I only needed to select require approved client app under the access control.

    Ref: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-grant#require-approved-client-app


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.