Post a 2FA Text Message to a Microsoft Teams Channel
There are many reasons to use shared accounts, some good and some bad. Whatever your reason is, enabling 2FA on a shared account can be a difficult process. What happens when you need to sign in? What if users don't want to give you their personal phone number?
In this post, we'll go over how you can use Twilio and Microsoft Flow to post a 2FA verification code to a channel in Microsoft Teams.
We all know that Twilio can send text messages sent to one phone number, to many phone numbers. But if your users don't want to provide their personal phone numbers, you can use this work around instead.
Here's a quick preview of what we're going to do:
1. Reserve a phone number in Twilio for the shared account
2. Create a Flow in Power Automate to automatically post text messages to a Teams Channel
Some things to note:
Twilio can't forward short codes. So there's a list of 2FA providers that will not work with this process, including Microsoft and Google accounts.
Some people find Twilio hard to navigate. I am one of those people. Be patient with yourself if you're having a hard time finding things.
Prerequisites before we start:
1. Create a free Twilio account. Your account starts with $15 of credit, which is more than enough to get us started. Create a phone number in the default project.
2. Create a free Power Automate account. Accounts are always free, but there are premium connectors that we'll use in this process that aren't. Use your trial to test these out before you buy.
Alright, now that you've created your Twilio and Power Automate accounts, let's get started!
We're going to start with creating the automation in Power Automate, because we'll need some information from it in order to connect to Twilio.
Create the Flow in Power Automate
1. Login to Power Automate and select + Create from the left menu.
2. Select Automated Flow, then select Skip on the pop up.
3. The first step in creating any Flow is to set a Trigger. This tells the Flow when to run. For our purposes, we need this one:
4. Select the Trigger from the list, and you should see a configuration item that looks like this:
The next few steps are a little wonky, and that's only because we need the HTTP POST URL, which is only created once the Flow runs for the first time. We also need the Request Body JSON Schema, which we also don't have yet. So just hang on for the next few steps, it'll make sense at the end.
5. Since we can't save and run our Flow as-is, let's just create a variable to store our response information from the HTTP request. Select + New Step, and find this Action:
6. Give the Variable any name you want, and set the type to "Object". For Value, insert the Dynamic Content "Body" from the HTTP Trigger:
7. Create a second string type Variable called TextMessage, and do not assign any value for now. We will use this later.
8. Save the Flow for now, and let's jump over to Twilio!
Reserve and Setup the Phone Number in Twilio
2. Follow these steps to create a messaging service for incoming text messages. Make sure your messaging service has the following setting:
3. Navigate back to Phone Numbers> Manage> Active Numbers and select your phone number from the list.
4. Scroll down to the messaging section, and select the messaging service you just created. In the CONFIGURE WITH OTHER HANDLERS drop down, select Webhooks, TwiML bins, Functions, Studio or Proxy.
5. Under A MESSAGE COMES IN, select Webhook, and then paste the HTTP POST URL from step 4 in the previous section.
Configure 2FA in Your App Service & Test Your Flow
Make sure your Flow is turned on! We're going to test it in the next steps!
1. Now, go back to your app service and enter the Twilio number you just created in the app service as your 2FA number. This will usually generate a text message to verify the phone number.
2. Go back to your Flow in Power Automate. In the next few seconds, you should see the Flow trigger automatically. If you don't, there's something wrong with the message handler in Twilio.
Finish Creating your Flow
1. Click the Flow run instance. Click the second step we created earlier, initialize variable, then click Show raw inputs. This will include the raw data from the text message you just triggered from your 2FA app service.
(The content in the screenshot below has been scrubbed for security purposes)
2. Copy the data from the left pop up screen, then select Edit
3. Select the trigger When a HTTP request is received, then select Use sample payload to generate schema. Paste the data from step 2 in the schema window, then click Done.
4. You can now use dynamic content from the HTTP request for the rest of your Flow! Let's finish setting it up now.
5. Create the following steps in your Flow. You'll need access to an account that has permissions to post message to your Team. Don't forget to click Save!
6. Now it's time for the final test! Trigger another 2FA request from your app service. If successful, you should see a post made to your Teams channel with your 2FA code! Here's an example of mine from Twilio 2FA: