Configuring Azure AD Orchestration App for Employee Onboarding
Here’s a sample workflow that demonstrates how the Orchestration app can automate the employee onboarding use case in an organization.
1. The very first node checks whether an Azure AD Employee Onboarding service request has been raised.
2. Then we pull in the App Node, which will have the following configurations:
App Name: Azure AD - Orch
App Action: Get User Details By Username
We only need to specify the username/user principal name. This step ensures that a user with the same UPN/username does not already exist.
After every Azure AD app node execution, we check the status code and add a relevant success or failure note to the ticket.
3. If the user is not found, you can then pull in the App Node, which will have the following configurations:
App Name: Azure AD - Orch
App Action: Create User
Notes when Configuring Inputs:
<first_name>.<last_name>@<active_directory_domain>.com
To retain the lowercase convention for user principal names, we also use Liquid templates as placeholders in the app node, as follows:
Example
{{ticket.ri_46_cf_first_name | downcase}}.{{ticket.ri_46_cf_last_name | downcase}}@fdstaging-office365.com
4. Once the user is created in Azure AD we then pull in the Reader Node which has the job title to group name mappings.
The reader node will be configured to check the job title in the service request. Based on the job title, we pass the group name to the next node, which looks up the group by that name.
5. Now that the reader node has mapped the job title received in the service request to a group name from the custom object, we pull in the App Node, which will have the following configurations:
App Name: Azure AD - Orch
App Action: Lookup Group
6. Once we have checked that the group exists, we add the user to the relevant group. Again, we pull in the App Node, which will have the following configurations:
App Name: Azure AD - Orch
App Action: Add User To Group
Notes when Configuring Inputs:
username - From the output of the create user app action node, we add the placeholder for the user principal name.
group_object_id - The group object ID is fetched from the lookup group app action node.
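The Liquid template above only lowercases the ticket fields, and the job title decides which group the new account joins, so both inputs are worth validating before the Create User and Add User To Group actions run. The following is an added example, not part of the Orchestration app or the original workflow: the function names, the job titles and group names, and the strict character policy are assumptions made for illustration; only the domain comes from the template above.

```python
import re
import unicodedata

# Domain taken from the page's template; the mapping is constructed sample data.
UPN_DOMAIN = "fdstaging-office365.com"
JOB_TITLE_TO_GROUP = {
    "Support Engineer": "grp-support",
    "Account Executive": "grp-sales",
}

# Conservative policy assumed for this example: each name part is lowercase
# ASCII letters or digits, optionally hyphen-separated (stricter than Azure AD).
_PART = re.compile(r"[a-z0-9]+(?:-[a-z0-9]+)*")


def _normalize(part: str) -> str:
    """Lowercase, strip accents, and turn inner whitespace into hyphens."""
    folded = unicodedata.normalize("NFKD", part.strip())
    no_marks = "".join(c for c in folded if not unicodedata.combining(c))
    return re.sub(r"\s+", "-", no_marks.lower())


def build_upn(first_name: str, last_name: str) -> str:
    """Return first.last@domain, or raise ValueError if a part is unsafe."""
    parts = [_normalize(first_name), _normalize(last_name)]
    for p in parts:
        # Rejects empty fields, '@', quotes and anything else outside the policy
        # instead of silently dropping characters and risking a collision.
        if not _PART.fullmatch(p):
            raise ValueError(f"name part not usable in a UPN: {p!r}")
    local = ".".join(parts)
    if len(local) > 64:  # Azure AD limits the part before '@' to 64 characters
        raise ValueError("UPN prefix longer than 64 characters")
    return f"{local}@{UPN_DOMAIN}"


def group_for(job_title: str) -> str:
    """Exact-match lookup with no default group: unknown titles fail closed."""
    try:
        return JOB_TITLE_TO_GROUP[job_title.strip()]
    except KeyError:
        raise ValueError(f"no group mapping for job title: {job_title!r}") from None
```

In a workflow, a rejected name or an unmapped job title should route the ticket to manual review rather than continue to the Create User or Add User To Group node.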
Let’s see the use case execution in action.