Security

How FlowStudio MCP protects your data and your tenants.

Last updated: 27 February 2026

1 Authentication Model

FlowStudio MCP uses a multi-step authentication flow. No step gives FlowStudio direct access to your Microsoft credentials.

1.
Microsoft sign-in — You authenticate with Azure AD (Microsoft Entra ID) via OAuth 2.0 authorization code flow. FlowStudio never sees your password.
2.
Consent — You explicitly approve two Power Platform scopes: Flows.Read.All, Flows.Manage.All, Activity.Read.All, and User (PowerApps). No mailbox, calendar, or file scopes are requested.
3.
JWT token — A per-user API key (JSON Web Token) is issued from your dashboard. This token is passed as x-api-key (not Bearer) with every MCP request.
4.
Delegated API calls — When your AI agent calls an MCP tool, FlowStudio uses your delegated OAuth token to call the Power Automate REST API. The call is made in your security context, subject to your tenant's RBAC and DLP policies.

2 Token Storage

FlowStudio stores two types of tokens:

Token Storage Lifetime
MCP API key (JWT) Derived on demand from TOKEN_SECRET; not persisted 30 days (re-issuable)
Microsoft refresh token Encrypted at rest; planned migration to Azure Key Vault Until consent is revoked

3 Data Retention

Free & Pro tiers

Every MCP tool call is a pass-through to the Power Automate API. We do not store flow definitions, run data, or action payloads. Requests are logged for usage metering only (see Log Contents below).

Team tier (store tools)

Team tier caches flow metadata, run statistics, governance tags, and connection inventories in our database. This cached data is used to power the list_store_* / get_store_* tools. It does not include flow action source code or runtime payloads. Cached data is deleted within 30 days of subscription cancellation.

4 Log Contents

Server logs record the following for operational and usage-metering purposes:

  • Timestamp and tool name called (e.g. list_live_flows)
  • User identifier (hashed email) and subscription tier
  • Environment name targeted
  • HTTP status code returned by Power Automate API
  • Latency and byte count

Not logged: flow definitions, action payloads, connection secrets, run output data, bearer tokens.

Logs are retained for 90 days in Azure Application Insights and automatically purged thereafter.

5 Revoking Access

You can revoke FlowStudio's access at any time using either method:

From FlowStudio Dashboard

  1. Go to your Dashboard
  2. Click "Revoke permission" in the Permission Grant card
  3. Your refresh token is deleted and your API key becomes invalid

From Microsoft

  1. Go to myapps.microsoft.com
  2. Find "FlowStudio" and remove consent
  3. Or: Azure AD → Enterprise Apps → FlowStudio → Permissions → Revoke

6 Infrastructure

  • Hosted on Azure (Australia East region)
  • All traffic is TLS 1.2+ encrypted in transit
  • Azure Static Web Apps with Azure Functions backend
  • Stripe handles all payment data — we never see card numbers
  • Microsoft Entra ID (Azure AD) handles identity — we never see passwords

! Security Incident Contact

If you discover a vulnerability or suspect a security incident, please contact us immediately:

Email: [email protected]

Subject line: [SECURITY] — description of issue

We aim to acknowledge security reports within 24 hours and provide a resolution timeline within 72 hours.