Hi All,
In one of our applications I need to user O365 activities. As we are aware they require user name & password to be configured. we are planning to get a dedicated service account to use for this purpose. .
1. can we configure the workflow to use the current login users account & pwd?
2. I am thinking to have a configuration list to store the service account user name & pwd. Is this the right approach?
Hi!
Ad. question no 1: no, you cannot use there login and password of the current user, because whereas the login of current user you are able to get using the User Profile REST API, for the password there is no way to do that.
Ad. question no 2: if all your workflows are in the same site maybe yes. And if you have a lot of them and want to mantain this user credentials from one place then why not? However I would double think the security issues and problems if someone changes the record.
Maybe put it in external SQL and get it using the action?
Regards,
Tomasz
Hi ,
All the workflows are in the same site. Even I am bit worried about the security and more over based on the company policy all the password needs to be changed for every 90 days. so if there is a password change all the workflows which were triggered before the password change will end up failing after the password changing. Hence looking for quick solution if any one worked out to this scenarios
Yup, I understand your pain 
This "issue" has been discussed here several times. There is even a uservoice topic with a neat solution for that service account. Nevertheless as there is no such thing as "Workflow Constants" (as you have them in on-premise), that would be the most perfect solution here, then the one matching you the most is the one you should choose. There are no "best practices" for that case as far as I know..
Regards,
Tomasz
Hi Tomasz, A quick question here, if I am using a service account to configure the o365 activities what is the permission levels the service account should have in order to work properly? does that account need Tenant admin permissions?
This is not "deterministic" It should have that level of permissions to the object you want to operate on, that will be sufficient to execute the operation, ex. if you want to use "Office 365 Set Approval Status" then the account which credentials you provide must have at least "Approve" level of permissions on the library where you want to set approval status
However granting this account "Site Collection Admin" will take all worries away
Regards,
Tomasz
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.