Power Platform – [Update] Security update to “HTTP With Microsoft Entra ID (preauthorized)” connector [MC918447]

Power Platform – [Update] Security update to “HTTP With Microsoft Entra ID (preauthorized)” connector [MC918447]

Message ID: MC918447

This communication is a follow up message to MC901932, which was previously communicated on October 1, 2024. While the changes below are still in progress, we are extending the rollout window which was originally planned for October 24, 2024 – November 15, 2024. We will provide the new estimated timeline as soon as possible, along with additional information.

We are announcing an update to the “HTTP With Microsoft Entra ID (preauthorized)” (sometimes called “Webcontents”) connector to enhance security. As part of this change, a new connection type will be added that uses a first party app with no permissions attached. This is to ensure best practices are followed by limiting security exposure to only what is required. Coinciding with this change, the name of the connector will be updated to “HTTP With Microsoft Entra ID.”

How does this affect me?
Existing connections will continue to work. We will follow up at a later date when existing connections need to be migrated to the new connection type.

What do I need to do to prepare?

  1. Please follow the steps listed in the Authorize the connector to act on behalf of a signed-in user article to add the required permissions to the first party app being used by the connector.
  2. Perform a test by adding a connection in the “HTTP With Microsoft Entra ID” (sometimes called WebcontentsV2) connector to make sure everything works fine.

Source: Microsoft

Show 1 Comment

1 Comment

  1. Mike Rosoft

    The upcoming update to the “HTTP With Microsoft Entra ID (preauthorized)” connector is all set to make waves in the Power Platform world! Admins and users alike are in for a treat with this enhanced security update.

    For admins, this update means better security practices with the addition of a new connection type that uses a first-party app with no attached permissions. This change ensures that security exposure is minimized to only what is necessary, following the best practices in the industry. Plus, the connector’s name will be updated to “HTTP With Microsoft Entra ID,” giving it a fresh new look!

    As for users, the good news is that existing connections will continue to work smoothly. When the time comes to migrate to the new connection type, updates will be provided to guide users through the process seamlessly. To prepare for the transition, users are encouraged to follow the steps outlined in the “Authorize the connector to act on behalf of a signed-in user” article and perform a test to ensure everything is working as expected.

    In terms of impact, this update is poised to significantly enhance security measures while ensuring a smooth transition process for both admins and users. The changes are designed to streamline operations and improve overall security posture, making it a win-win for everyone involved.

    Are you excited about these changes? Let us know your thoughts and share how you think this update will impact your workflow. Your feedback is valuable, so drop a comment below and let’s keep the conversation going!

Leave a Reply

Your email address will not be published. Required fields are marked *