Skip to content
Annatech_

Intelligent Automation / Security

Unattended automation under mandatory MFA: 8-12 prompts down to 2

Global healthcare-technology enterprise - master data operations

MFA prompts per transaction
8-12 → 2
fewer authentication cycles
~80%
security-policy exceptions requested
0
verified under live queue load
Production

Architecture at a glance

BEFORE - 8 TO 12 MFA PROMPTS PER TRANSACTION SP component 1 SP component 2 SP component 3 SSO pool exhausted 60s login timeout AFTER - 2 MFA POINTS, SESSION REUSED MFA 1 all SharePoint operations inside session validity window MFA 2 verified in production ~80% fewer authentication cycles - zero security-policy exceptions

Context

An unattended robot validates requests against a SharePoint list, updates SAP material master data via MM02, and writes results back to SharePoint. When multi-factor authentication became mandatory on the SharePoint tenant, the process started failing mid-queue.

Constraint

The security policy was non-negotiable - interactive TOTP-based MFA stays, and no exceptions would be granted for a robot account. Each workflow component authenticated independently, driving 8 to 12 MFA cycles per transaction; the SSO token pool exhausted after a handful of items and produced 60-second login timeouts.

Architecture

Rather than fighting the policy, the process was re-architected around it. Authentication was consolidated into two strategic MFA points per transaction, with the authenticated browser session reused across all SharePoint operations inside its validity window.

Operations were resequenced so that long-running UI steps execute outside the authenticated window, and the component workflows were stripped of their redundant standalone logins. The critical constraint - all SharePoint operations completing within the session lifetime - became an explicit, tested design parameter instead of an accident.

Outcome

Roughly 80% fewer MFA cycles, SSO-timeout failures eliminated, and production verification under live load - with the security posture exactly as the policy demanded. The pattern has since served as the template for other MFA-constrained unattended processes.

More work

Related case studies

Talk to the person who will actually build it

One architect, end to end: scoping, architecture, delivery, operations. Write a paragraph about your problem and you will get an engineering answer, not a sales call.