Installation
Create a service account
After the environment has been created, you will need to create a service account. This account will run the Power Automate solution and will also be used to install the solution later. We suggest to give the service account a descriptive name as the name will be shown to end-users when they receive notifications. Below are our suggestions, but any name and email address will work.
| Name | Share Control |
|---|---|
| Email address | svc_sharecontrol@domain.com |
The account will need a license for SharePoint, Outlook, and Power Automate (not premium). You can assign any license that covers these three applications. If you, however, still are unsure which license to choose, we can recommend Microsoft 365 Business Basic and Office 365 F3.
It also needs to be added to the Owners group for the related SharePoint site(s).
You also need to assign the account the security role of System Administrator for every Power Automate environment where the notification solution will be installed. This is done under Environments > ShareControl > Settings > Users in the admin center.
Disclaimer: Multi-factor authentication
We advice to create the service account without multi-factor authentication (MFA) as MFA can disrupt the service of the Power Automate solution. If you insist on using MFA for the service account, we cannot guarantee the reliability of the solution as it will depend on your Microsoft 365 and Azure AD settings.
If you want to keep MFA enabled on the account, we recommend that you verify your tenant settings and make sure you follow the recommendations from Microsoft about token lifetime settings. In particular, we recommend to disable the setting for remember multi-factor authentication and keep the default value of until-revoked for the token policy setting MaxAgeMultiFactor in Azure AD.