Two-factor authentication (2FA) enhances security by requiring users to provide two different authentication factors: a password and a PIN code delivered via SMS. This method is more secure than single-factor authentication, which relies solely on a password or passcode.

In this Use Case we will leverage the Nimbus Power Automate Connector to send a PIN code via SMS which the calling Customer needs to enter to verify themselves.

Create an Azure Communication Services Instance for Sending SMS

1. Create an Azure Communication Services Resource as described in the official Microsoft documentation.
2. Under SMS concepts in Azure Communication Services - An Azure Communication Services concept document | Microsoft Learn you can read about supported sender types. With the help of the information on that page, decide on which sender type you would like to use. Once decided, enable the selected sender type to be able to start sending SMS messages.

Create Parameters

In Nimbus, create the following Parameters:

Create the Workflow

Next we need to create the Nimbus Workflow that will take the Customer Input, which will cause a Trigger Event in Flow. 

Overview of the Workflow…

 

 

Description	Screenshot
After accepting the call, start with an Input Customer Workflow Activity to check if an existing or a new Customer is calling. … 2-Factor Authentication will be performed for existing Customers only.  … if the call is coming from a new Customer or the validation of an existing Customer fails, the call will be transferred to another Nimbus service.
Next, we add a Collect Information activity to the “Existing” exit of the previous activity node. Via prompt we ask existing Customers to provide the 6-digit Customer identifier.  The entered number will be saved into the CustomerIdentifier parameter. Saving the entered identifier to the CustomerIdentifier parameter will trigger a Power Automate Flow (→ Flow 1 below), that will verify if the provided identifier is correct.
Next we are waiting for the Power Automate flow triggered by the previous step to update the CustomerRecognized parameter.
After the CustomerRecognized parameter was updated, we check it's value. In case the Customer provided a valid Customer identifier, the Power Automate flow will set the value of the parameter to Yes.
Next we save something to the StartValidation parameter. The value you save in this parameter can be anything as the purpose of this step is only to trigger the Power Automate flow (→ Flow 2 below), that will send out the SMS to the Customer's registered mobile phone.
In this step we wait for the Power Automate Trigger Event and Flow Actions to finish sending the SMS and set the SMSSent parameter.
After the SMS was sent out, we ask the Customer to enter the received four digit PIN. The PIN the Customer entered will be stored in the PIN parameter.  💡 Saving the entered PIN to the PIN parameter will trigger the third Power Automate Flow (→ Flow 3 below), that will verify if the the PIN sent via SMS and the PIN entered by the Customer are the same.
Next we are waiting for the Power Automate flow triggered by the previous step to update the ValidationCheck parameter.
After the ValidationCheck parameter was updated, we check it's value. In case the PIN entered by the Customer was the same as the PIN sent to the mobile phone, the Power Automate flow will set the value of the parameter to OK.
If the validation was successful, we inform the Customer about the successful validation and we send the call to the queue to distribute it to an available Agent.

Create the Power Automate Flows

Flow 1: Flow verifying the Customer Identifier

Once the workflow saves the Customer identifier provided by the Customer into the CustomerIdentifier parameter, we trigger the Power Automate flow checking if the provided Customer identifier is valid.

Overview of the Power Automate flow

 

 

1. Visit the Flow landing page: https://make.powerautomate.com/ 
2. Head to "My Flows".
3. Click on "+ New Flow" and create a blank "Automated Cloud Flow".
4. Give your new flow a speaking name, e.g. "Check Customer Identifier".
5. In the text box underneath, search for “Nimbus” and choose the Trigger Event  “When a task changes state”.
6. Click the "Create" button.

7. Configure the trigger as follows:

Field	Fill in
Service Item	Select the UPN of the service
Task Events	Select Parameter Updated
Trigger conditions	On the Settings page of the trigger add the following trigger condition to make sure the flow only gets triggered when CustomerIdentifier parameter is updated: @equals(triggerBody()?['updatedParameterName'],'CustomerIdentifier')

Next you need to add a step that checks if the Customer provided a valid Customer identifier. The exact action to use at this point depends on the system storing your Customers' data. If the system either has a Power Automate connector or provides APIs to retrieve data, then you can retrieve the necessary information via Power Automate. In this Use Case the data will be retrieved from a simple SharePoint list.

8. Add a SharePoint "Get Items" action to your flow.
9. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
Site Address	Either select the SharePoint site containing the SharePoint list from the dropdown box or manually enter the site URL
List Name	Select the SharePoint List containing Customer data
Filter query	Enter a filter query to check if the Customer identifier provided by the Customer is in the list. In this example the Customer identifiers are stored in the Number column, therefore the filter looks as follows: Use the dynamic content 🌟 Updated Parameter Value Number eq 'UpdatedParameterValue' ☝ Note that the dynamic Id needs to be put in single quotation marks e.g. 'UpdatedParameterValue' or the formula will throw an expression error.
All other fields	<leave empty, as is>

Next with a condition we need to check, how many results were returned in the previous step.

10. Add a Control "Condition" action to your flow.
11. Configure the action as follows:

Field	Description
Condition expression	length(outputs('Get_items')?['body/value']) is equal to 1 ☝ To continue with the validation, there needs to be an exact match. So if either 0 or more than 1 results are returned by the previous step, then the 2-Factor Authentication process will fail.

In the False branch

12. Add a Luware Nimbus "Update task" action to your flow.
13. Configure the action as follows:

Field	Fill in
Task ID	🌟 Task ID
Custom Context Parameters	Click on and add [ { "name": "CustomerRecognized", "value": "No" } ]
All other fields	<leave empty, as is>

In the True branch

14. Add a Luware Nimbus "Update task" action to your flow.
15. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
Task ID	🌟 Task ID
Custom Context Parameters	Click on and add [ { "name": "CustomerRecognized", "value": "Yes" }, { "name": "SMSNumber", "value": @{items('For_each')?['SMSNumber']} } ]   ☝@{items('For_each')?['SMSNumber'] in the above expression is referring to the E.164 formatted mobile phone number of the Customer that is stored in the SMSNumber column of the SharePoint list. 💡Good to Know:  With this step we are storing the mobile number the SMS should be sent to in the SMSNumber Nimbus parameter. This is needed to make sure our next Power Automate flow knows where to send the SMS to. In case you retrieve the phone number from a different system via a different action, the above expression needs to be adjusted.
All other fields	<leave empty, as is>

Flow 2: Flow sending the SMS message

Once the Nimbus workflow saves something into the StartValidation parameter, it will trigger the Power Automate flow sending the SMS message to the Customer's registered mobile number.

Overview of the Power Automate flow

 

 

1. Visit the Flow landing page: https://make.powerautomate.com/ 
2. Head to "My Flows"
3. Click on "+ New Flow" and create a blank "Automated Cloud Flow"
4. Give your new flow a speaking name, e.g. "Send SMS"
5. In the text box underneath, search for “Nimbus” and choose the "When a task changes state" trigger
6. Click the "Create" button.  
    
7. Configure the trigger as follows:

Field	Fill in
Service Item	Select the UPN of the service
Task Events	Select Parameter Updated
Trigger conditions	On the Settings page of the trigger add the following trigger condition to make sure the flow only gets triggered when SMSPhoneNumber parameter is updated: @equals(triggerBody()?['updatedParameterName'],'StartValidation')

Next we will generate a 4-digit PIN and store it in a variable.

8. Add a Variable "Initialize variable" action to your flow.
9. Configure the action as follows:

Field	Fill in
Name	PIN
Type	Integer
Value	Enter the following expression to generate a 4-digit random number: rand(1000,9999)

Next we will retrieve the Customer' E.164 formatted mobile number, which was stored by the previous Power Automate flow into the SMSNumber Custom Context Parameter.

10. Add a Data Operation "Filter array" action to your flow.
11. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
From	🌟Task Information Custom Context Parameters
Filter Query	item()?['Name'] is equal to SMSNumber

Next we will send out the 4-digit PIN to the registered mobile number of the caller via SMS.

12. Add a Azure Communication Services SMS "Send SMS" action to your flow (If you do not have a connection created yet, Power Automate will ask you to create one by providing the name and the connection string of your ACS instance).
13. Configure the action as follows:

Field	Fill in
From Phone Number	Select a phone number from the dropdown box or manually enter the sender in case you would like to use another method – like Short Code, Dynamic Alphanumeric Sender ID, Preregistered Alphanumeric Sender ID, etc. – to send the SMS.
Recipients	Click on and add [ { "to": @{body('Filter_array')?[0]['Value']} } ]
Message	Your PIN code is: @{variables('PIN')}
DeliveryReport	No

Finally we need to tell Nimbus that the SMS was sent and we will also save the generated PIN in the GeneratedPIN Custom Context Parameter.

14. Add a Luware Nimbus "Update task" action to your flow.
15. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
Task ID	🌟 Task ID
Custom Context Parameters	Click on and add [ { "name": "SMSSent", "value": "Yes" }, { "name": "GeneratedPIN", "value": @{variables('PIN')} } ]
All other fields	<leave empty, as is>

Flow 3: Flow verifying the PIN entered

Once the Customer enters the PIN received via SMS, we need to verify if the generated PIN and the PIN entered by the Customer are matching.

Overview of the Power Automate flow

 

 

1. Visit the Flow landing page: https://make.powerautomate.com/ 
2. Head to "My Flows"
3. Click on "+ New Flow" and create a blank "Automated Cloud Flow"
4. Give your new flow a speaking name, e.g. "Verify PIN"
5. In the text box underneath, search for “Nimbus” and choose the "When a task changes state" trigger
6. Click the "Create" button.

7. Configure the trigger as follows:

Field	Fill in
Service Item	Select the UPN of the service
Task Events	Select Parameter Updated
Trigger conditions	On the Settings page of the trigger add the following trigger condition to make sure the flow only gets triggered when PIN parameter is updated:   @equals(triggerBody()?['updatedParameterName'],'PIN')

Next we will retrieve the generated PIN, which was stored by the previous Power Automate flow into the GeneratedPIN Custom Context Parameter.

10. Add a Data Operation "Filter array" action to your flow.
11. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
From	🌟Task Information Custom Context Parameters
Filter Query	item()?['Name'] is equal to GeneratedPIN

Next with a condition we need to check, if the generated PIN and the PIN provided by the Customer match.

10. Add a Control "Condition" action to your flow.
11. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
Condition expression	🌟Updated Parameter Value is equal to @{body('Filter_array')?[0]['Value']}

In the True branch

12. Add a Luware Nimbus "Update task" action to your flow.
13. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
Task ID	🌟 Task ID
Custom Context Parameters	Click on and add [ { "name": "ValidationCheck", "value": "OK" } ]
All other fields	<leave empty, as is>

In the False branch

14. Add a Luware Nimbus "Update task" action to your flow.
15. Configure the action as follows:

Field	Fill in / 🌟 = Nimbus dynamic content
Task ID	🌟 Task ID
Custom Context Parameters	Click on and add [ { "name": "ValidationCheck", "value": "Failed" } ]
All other fields	<leave empty, as is>