Flow and MCAS working together

Posted by

My dear friend and MVP Daniel Laskewitz just made me aware of a cool new connector for Microsoft Flow. This connector enables you to use Microsoft Flow for actions within Microsoft Cloud App Security.

Cloud App Security is a comprehensive security suite. It provides (security) administrators with many functions for detecting anomalies and acting on these. With the new Flow connector, you now have the option to trigger a Flow based on a MCAS policy. Defacto offering workflow options based on MCAS alerts.

Let’s check it out.

In order to use the connector, you will need to create an access code in MCAS. You simply go to the system settings and Security extensions. Here you create a new API token. Copy the API token, as you will need it for configuring the Flow connector.

MCAS_1

In Microsoft Flow you create a new connection to MCAS. You use the new connector for this. Provide a name for the connection and enter the API key.

Flow_1

Flow_2

Now you can create the Flow needed. Because the connector returns information from MCAS, you can include information on the alert in an e-mail (for example). I just created a very simple flow which is triggered when a SharePoint file is shared with an external person.

Flow_3

Save the Flow. Now go to your MCAS policy. Here you can select the Flow as an alerting action (not as a governance action!).MCAS_2MCAS_3

And then……. It works!

Outlook

Beware though. When I was looking at this new connector, I was also looking at the OAuth App policies in MCAS. I was just playing around….. But I wasn’t able to get the Flow connector to work. Turns out that my test OAuth App policy was to strict and it blocked PowerApps and Flow to connect to MCAS……… So check out those settings if it does not work 🙂

One comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s