we are working on logic app flow, basic out come of the flow will be send email (outlook adaptive card) using 0365 connector. We want to use this flow for 3 different projects and want to send from 3 different emails like [email protected], [email protected] and [email protected].
But on of the option got on the forum is to get the "send as" or "send on behalf of" permissions to the account used to configure the logic app on the above 3 shared email box. but it may not be possible to give that permission or if we want to use this flow for any other project again we need to get permission on that project specific shared mail box. Other than getting the permissions, is there any better way?
You can refer to this article that describes how to send emails from any Outlook account - Logic Apps: How to send a well-formatted HTML Email notification with Office 365 Outlook connector
Coming to your question about a right way to send emails from an outlook account, you can use
Azure Key vault
to saveEmail Id
andPassword
and consequently use it's values in the parameter file of ARM template. For example:This method will keep your secrets hidden and safe from others, and will fetch secrets from Key Vault and use them to send an email.
Visit this article to know more details about the implementation: Use Azure Key Vault to pass secure parameter value during deployment
For actions that handle any passwords, secrets, keys, or other sensitive information, you want to prevent others from viewing and accessing that data.
To control access to the inputs and outputs in your logic app's run history, you have these options:
- Restrict access by IP address range.
This option helps you secure access to run history based on the requests from a specific IP address range.
- Secure data in run history by using obfuscation.
In many triggers and actions, you can secure the inputs, outputs, or both in a logic app's run history.