Get started with Power Automate integration in Microsoft Purview DLP

Microsoft Power Automate is a workflow service that automates actions across applications and services. By using flows from templates or created manually, you can automate common tasks associated with these applications and services. Microsoft Purview Data Loss Prevention (DLP) can take various actions, across locations, on sensitive content identified by DLP policies. With Power Automate integration, you can now trigger custom Power Automate workflows as a DLP rule action.

Before you begin

Before you start using Power Automate integration in Microsoft Purview DLP, read the following information on subscription, licensing, permissions, and supported locations.

Subscriptions & licensing

Purview DLP

This capability is available for all existing DLP customers with no other Purview license requirements.

Confirm your Microsoft 365 subscription and any add-ons.

More information: Microsoft 365 licensing guidance for security & compliance.

Power Automate

You need a Power Automate plan to access premium connectors.

Permissions

  • Using this capability doesn't change the role required for DLP policy authoring in the Microsoft Purview compliance portal.
  • See Get started with Power Automate for information about Power Automate roles.

Supported locations in policy

  • Exchange emails
  • Files in SharePoint Online & OneDrive
  • Windows devices

Create a workflow

Create a custom workflow using the DLP trigger provided as part of the Microsoft Purview connector. You can create a workflow from either of the following experiences:

  • Power Automate portal
  • DLP rule authoring page: Add "Start a Power Automate workflow" as an action, and then either create the workflow from a template or create a custom workflow using the DLP trigger.

You can select or update the workflow linked to a rule just like any other DLP rule.

Use a template

The following Power Automate template is available to support process automation for DLP rule violations:

Notify manager when a DLP policy is violated: Some organizations might need to have immediate management notification when a user violates a policy. When this flow is configured and selected, the manager of the violating user is sent an email message with the following information about the event:

  • User name
  • Policy name

You can customize the sender and add additional information by editing the workflow in Power Automate.

Create a custom Power Automate flow

Some processes and workflows for your organization might not fit an available template. In this case, you can create custom Power Automate flows to meet your specific needs. Power Automate flows are flexible and support extensive customization, but can require configuration to integrate with data loss prevention policies:

  1. Create a flow that performs one or more tasks after a data loss prevention event. For details on how to create an automated flow, see Create a flow in Power Automate.
  2. Select the Microsoft Purview connector: Search for and select the Microsoft Purview connector. For more information on connectors, see Connector reference overview.
  3. Choose data loss prevention triggers for your flow.
  4. Choose from available Power Automate connectors for your flow.

Share a Power Automate flow

By default, a Power Automate flow is only available to the user who created it. For other administrators to access and use a flow, the flow creator must share it. For information on how to share a flow, see Share a cloud flow.

Known issues and limitations

For files in SharePoint and OneDrive, Power Automate workflows are executed only for new or modified content. Preexisting files matching the rules don't trigger a flow.
