Views:

Applies to Product - Power Automate


What’s happening?
Securely handle keys in Power Automate when calling Azure Functions, ensuring that sensitive information is not exposed.
 

Options:

  • Utilize the Azure Key Vault connector to retrieve the key securely instead of storing it in plain text in the flow. This can be done by using the "Get Secret" action from the Azure Key Vault connector.
  • Alternatively, set up Managed Identities and use the [HTTP] action to call Azure Functions securely without using a key.
  • Alternatively, create a custom connector where the properties for the request can be set to use internal default values, preventing the key from being displayed in the flow designer screen.
  • Use environment variables to store the execution key as text. Create an environment variable in a solution and set its default value to the sensitive information. This allows the flow to use the environment variable without exposing the key directly in the flow configuration.
For detailed guidance on creating environment variables and custom connectors, refer to the following resources: - Create an Environment Variable in a Solution - Define a Custom Connector