Microsoft Azure Active Directory Connector
Overview

The Azure Active Directory connector enables streamlined user account management and automation of identity-related tasks within the Azure ecosystem.

Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which helps employees sign in and access resources. This connector enables Swimlane Turbine users to manage user accounts and automate identity-related workflows directly within the platform. By integrating with Azure AD, users can create, delete, retrieve, list, and update user accounts, streamlining identity management and enhancing security automation within their organizations.

Prerequisites

To utilize the Azure Active Directory connector with Swimlane Turbine, ensure you have the following:

OAuth 2.0 client credentials for authentication, with these parameters:
- URL: the endpoint URL for Azure AD services
- Client ID: the application (client) ID registered in Azure AD
- Client Secret: the application secret that was generated for the app registration in Azure AD
- Token URL: the URL to retrieve the OAuth2 token from Azure AD
- Scope: the scope of the access request, which might include one or more permissions

Asset Setup

Client Credential Flow Authentication

Authentication uses Azure application OAuth2. You will need an admin account in Azure to create the application.

Recommended application permissions (feel free to use custom permissions if you only use certain actions):
- User.ReadWrite.All
- Directory.ReadWrite.All
- Directory.AccessAsUser.All
- User.ReadBasic.All
- Directory.Read.All
- User.ManageIdentities.All
- User.EnableDisableAccount.All

In order to set up the asset, you need the following:
- Azure application client ID
- Azure application client secret
- Azure tenant ID

Steps to Create the Azure App

1. Go to the App registration page (https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade) in the Azure portal.
2. Click New registration.
3. Enter a name for your new application and choose Accounts in this organizational directory only, then click Register at the bottom.
4. Navigate to the API permissions tab on the left navigation menu.
5. Select Add a permission.
6. Select Microsoft Graph.
7. Select Application permissions, then mark all the permissions you need for the actions you are using (see suggested permissions at the top of the Asset Setup section).
8. Click the Add permissions button at the bottom of the page.
9. Select Grant admin consent for your organization, then your permissions should look as below.
10. Navigate to the Certificates & secrets tab and select New client secret.
11. Fill out the description and expiration, then click the Add button at the bottom. The value of the secret you just created is the client secret needed for the Swimlane asset.
12. Navigate to the Overview tab on the left menu. The client ID and tenant ID needed in the asset are shown on this page.

The client ID, tenant ID, and client secret described in the steps above are the credentials you need for the asset.

Notes

For more information, refer to the API documentation:
- API document: https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
- Query parameters documentation (OData v4): https://docs.microsoft.com/en-us/graph/query-parameters
- For more information about the use of ConsistencyLevel and $count, see Advanced query capabilities on directory objects: https://learn.microsoft.com/en-us/graph/aad-advanced-queries?tabs=http
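
The following is an added example, not part of the connector or of Swimlane's code. It shows the client credentials token request the asset parameters describe, and a least-privilege check of the permissions an issued token carries against those a deployment needs. It assumes the Microsoft identity platform v2.0 token endpoint, the Graph .default scope, and an app-only JWT access token whose roles claim lists the granted application permissions; the function names, the sample token and the NEEDED list are hypothetical and constructed for illustration.

```python
import base64
import json
from urllib.parse import urlencode

# Assumption: Microsoft identity platform v2.0 endpoint and Graph .default scope.
TOKEN_URL = "https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
GRAPH_SCOPE = "https://graph.microsoft.com/.default"


def build_token_request(tenant_id, client_id, client_secret):
    """Return (url, form body) for the client credentials grant; nothing is sent."""
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": GRAPH_SCOPE,
    })
    return TOKEN_URL.format(tenant_id=tenant_id), body


def token_roles(access_token):
    """Read the 'roles' claim of a JWT without verifying its signature.
    Inspection only: never base a trust decision on an unverified token."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return set(json.loads(base64.urlsafe_b64decode(payload)).get("roles", []))


def audit_roles(access_token, needed):
    """Compare the permissions in the token with those the workflows need."""
    granted, needed = token_roles(access_token), set(needed)
    return {"excess": sorted(granted - needed), "missing": sorted(needed - granted)}


def constructed_token(roles):
    """Build an unsigned sample token (constructed data, not a real token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"roles": roles}), "sig"])


# Constructed sample: an app granted more than this deployment's actions need.
SAMPLE_TOKEN = constructed_token(
    ["Directory.Read.All", "Directory.ReadWrite.All", "User.ReadWrite.All"])
NEEDED = ["Directory.Read.All", "User.EnableDisableAccount.All"]  # hypothetical

if __name__ == "__main__":
    print(build_token_request("<tenant-id>", "<client-id>", "<client-secret>")[0])
    print(audit_roles(SAMPLE_TOKEN, NEEDED))
```

Anything reported under excess is a candidate for removal from the app registration; anything under missing has been added but not yet granted admin consent, or was never added.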