Generating pseudo-random passwords in Microsoft Flow

4 min readJul 21, 2018

As part of a User Onboarding process that I am building for my Red Plane Insider programme, I need to create Azure B2C users and that means generating them a temporary password.

Here is how I achieve that in Flow. Actually I have two methods. One with a slightly more complicated expression and one with more Flow steps, but much simpler expressions. So if you aren’t keen on writing lengthy expressions then the first method should work well for you.

For this example we are going to follow a similar approach to how Microsoft sets office 365 passwords. Typically they have a capital letter and then three lowercase letters, followed by four numbers. Actually I think they go a bit further and make it look more like a word. So maybe a capital consonant followed by lowercase vowel followed by a lowercase consonant followed by a lowercase vowel. They probably then pass it through a profanity checker. We won’t be going into that level of detail here, so I leave those extra tasks up to you as home work.

Method 1: Very low-code

In this method we will try to keep our expressions at a minimum.

First of all we need a variable to store our password.

Next, we need an Array Variable to act as a dictionary. An “Array” is a technical term which basically just means a collection of things. In this case it will be a collection of letters, numbers and possibly symbols.

We will also store a variable to hold the Password Length as I had some problems using a “length” expression in a Switch statement.

Now we are going to build our password up one character at time. To do this we can add a “loop” which is the technical term for the “do until“ action. We will do until the password length is 8 characters. I’m afraid we need to use a expression to work out the password string length.

Inside our loop we want to perform a different action dependent on which character of the password we are currently generating. To do this we can use a Switch statement. And perform the switch against the current length of the password. A Switch is a neater way to do lots of IF…ELSE statements with lots of checks against a single variable. So, if our password length is 0,1,2,3, etc character long then it runs the actions in the statement block that matches the switch “case”.

Inside the column for a zero lengthed password we want to use a “Append to String” action and, unfortunately, we do need an another expression here, but it’s an easy one. We simply want to choose a “Random” item from our array, but only the first 26 items (the capital letters). When you reference items in an Array, the first item is referenced and item 0, not item 1. So, our expression is .

variables(‘Dictionary’)[rand(0,25)]

We will use the “default” branch to run when the password length is 1, 2 or 3 letters long. the default branch is run when there are no other matching branches. This time our Add to String action will pick a random letter from Array positions 26 (the 27th item), and 51 (the 52nd item). These are the lower case letters.

variables(‘Dictionary’)[rand(26,51)],

Our other case branch will be for when the password length is 4. This time we pick a random number between 1000 and 9999 and append it to our password sting.