Reputation: 436
Has anybody managed to send an email in a logic app from an O365 account with MFA enabled?
When I try to add the connection it shows the Azure AD login popup, it gets authenticated with SSO (my PC is joined to Azure AD), and then in the O365 connector I have this error:
OAuth2Certificate authorization flow failed for service 'Office 365 (Discovery, Certificate)'. AADSTS50079: Due to a configuration change made by your administrator, or because you moved to a new location, you must enroll in multi-factor authentication to access '00000002-0000-XXXX-XXXX-000000000000'. Trace ID: xxxxxxx-4689-4387-b215-d0590b331000 Correlation ID: 21eaa05b-xxxx-yyyy-893a-c2ce136d6e51 Timestamp: 2017-06-14 08:55:00Z
Hope you can help. Thank you
Upvotes: 1
Views: 3579
Reputation: 11
This is long after closing. But in AAD, there is a "moved to a new location" flag that can get set, automatically triggering the need for MFA. If you do face this, check the conditional access locations in Azure and see if your AAD admin can clear the flag. (Or set up the original account with named locations in place.)
Upvotes: 1
Reputation: 163
The short answer is that I doubt this is possible, much less supported.
Since a LogicApp is essentially a "service", I think the correct approach would be to register your application in Azure AD and use app-only permissions and give your service Mail.Send permissions. This would allow your application to send as any user. Alternatively, create a "service account" that does not have MFA enabled -- but this is definitely the less secure approach and any credential changes have to be changed in code, rather than at an administrative level as the Azure AD app registration would allow.
Upvotes: 0
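The app-only approach described in the answer above, sketched as an added example (not code from any poster on this page). It assumes an Azure AD app registration with the Mail.Send application permission already admin-consented, a client secret, and Microsoft Graph's v1.0 sendMail endpoint; the sender address, the allow-list and the environment variable names are constructed for illustration. Because the permission lets the app send as any user, the code refuses any sender that is not explicitly allow-listed.

```python
import json
import os
import urllib.parse
import urllib.request

GRAPH = "https://graph.microsoft.com"
ALLOWED_SENDERS = {"logicapp-notify@contoso.example"}  # constructed; Mail.Send is tenant-wide, so pin senders


def build_token_request(tenant_id, client_id, client_secret):
    """OAuth2 client-credentials request: no user sign-in, so no MFA prompt."""
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": GRAPH + "/.default",  # application permissions consented by an admin
    }).encode()
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    return urllib.request.Request(url, data=form, method="POST")


def build_sendmail_request(token, sender, to, subject, text):
    """Graph sendMail call for one mailbox; rejects senders outside the allow-list."""
    if sender.lower() not in ALLOWED_SENDERS:
        raise PermissionError(f"sender {sender!r} is not allow-listed")
    payload = {
        "message": {
            "subject": subject,
            "body": {"contentType": "Text", "content": text},
            "toRecipients": [{"emailAddress": {"address": to}}],
        },
        "saveToSentItems": False,
    }
    url = f"{GRAPH}/v1.0/users/{urllib.parse.quote(sender, safe='@')}/sendMail"
    headers = {"Authorization": f"Bearer {token}", "Content-Type": "application/json"}
    return urllib.request.Request(url, data=json.dumps(payload).encode(), headers=headers, method="POST")


def send_mail(tenant_id, client_id, client_secret, sender, to, subject, text):
    """Performs both calls; Graph answers 202 Accepted when the mail is queued."""
    with urllib.request.urlopen(build_token_request(tenant_id, client_id, client_secret)) as r:
        token = json.load(r)["access_token"]
    with urllib.request.urlopen(build_sendmail_request(token, sender, to, subject, text)) as r:
        return r.status


if __name__ == "__main__":  # secrets come from the environment, not from code
    e = os.environ
    print(send_mail(e["TENANT_ID"], e["CLIENT_ID"], e["CLIENT_SECRET"], e["MAIL_FROM"], e["MAIL_TO"], "Test", "Hello"))
```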
Reputation: 72171
I wouldn't expect this to be possible. I've never seen automated MFA logins in Azure. I would love to be disproved though.
Upvotes: 0