Azure AD

Azure Active Directory is an Identity and Access Management cloud solution that extends your on-premises directories to the cloud and provides single sign-on to thousands of cloud (SaaS) apps and access to web apps you run on-premises.

This connector is available in the following products and regions:

Service | Class | Regions
Logic Apps | Standard | All Logic Apps regions except the following: Azure China regions
Flow | Standard | All Flow regions
PowerApps | Standard | All PowerApps regions

To use this integration, you need access to an Azure Active Directory account with sufficient privileges. To make a connection, select Sign In. You will be prompted to provide your account information; follow the remaining screens to create the connection.

To use the Azure AD connector, the account needs to have the following administrator permissions:

  • Group.ReadWrite.All
  • User.ReadWrite.All
  • Directory.ReadWrite.All

More information on Graph permissions and how to configure them can be found here: https://aka.ms/p1sylu

You're now ready to start using this integration.

Known issues and limitations

  1. The connector does not return custom attributes of Azure AD entities.

Throttling Limits

Name | Calls | Renewal Period
API calls per connection | 100 | 60 seconds

Actions

Add user to group

Add a user to a group in this AAD tenant.

Assign manager

Assign a manager for a user.

Check group membership

If the user is a member of the given group, the result will contain the given id. Otherwise the result will be empty.

Create group

Create a group in your AAD tenant.

Create user

Create a new user in your AAD tenant.

Get group

Get details for a group.

Get group members

Get the users who are members of a group.

Get groups of a user

Get the groups a user is a member of.

Get user

Get details for a user.

Remove Member From Group

Remove Member From Group

Update user

Update the info for a user.

Add user to group

Add a user to a group in this AAD tenant.

Parameters

Name Key Required Type Description
Group Id
id True string

Unique identifier of a group (Ex. '40639f36-46a6-73a6-91e2-9584b7913429').

User Id
@odata.id True string

Unique identifier of a user (Ex. '5e6cf5c7-b511-4842-6aae-3f6b8ae5e95b').

Assign manager

Assign a manager for a user.

Parameters

Name Key Required Type Description
User Id or Principal Name
id True string

Unique identifier of a user (Ex. 'user@tenant.onmicrosoft.com' or '5f6ce5c7-b521-4842-9bbe-3f6d5aa5e35b').

User Id of the Manager
@odata.id True string

Unique identifier of a manager (Ex. '5f6cf5c7-a561-4842-9aae-3e6d8ce5e95b').

Check group membership

If the user is a member of the given group, the result will contain the given id. Otherwise the result will be empty.

Parameters

Name Key Required Type Description
User Id or Principal Name
id True string

Unique identifier of a user (Ex. 'user@tenant.onmicrosoft.com' or '5f6ce5c7-b521-4842-9bbe-3f6d5aa5e35b').

Group Id
groupIds string

Unique identifier for the group (Ex. '40649f36-46b6-46a6-95e1-9454b7433219').
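An added example (not part of the connector or its documentation): when the Check group membership result gates a later step, the decision should fail closed. This Python function assumes the result arrives as a JSON array of id strings; the function names and reason strings are hypothetical.

```python
import uuid


def canonical_guid(value):
    """Lowercase canonical form of a GUID string, or None if it is not one."""
    if not isinstance(value, str):
        return None
    try:
        return str(uuid.UUID(value.strip()))
    except ValueError:
        return None


def decide(result, group_id):
    """Return (allowed, reason); allowed is True only on a positive match.

    Assumption: `result` is the action's output parsed into a Python list of
    id strings. None, an error object or any other shape denies access.
    """
    wanted = canonical_guid(group_id)
    if wanted is None:
        return False, "malformed-group-id"
    if not isinstance(result, list):
        return False, "unexpected-result-shape"
    # Compare canonical forms so letter case or braces cannot cause a mismatch.
    returned = {canonical_guid(item) for item in result}
    if wanted in returned:
        return True, "member"
    return False, "not-a-member"


if __name__ == "__main__":
    # Constructed sample using the group id shown in the parameter table.
    gid = "40649f36-46b6-46a6-95e1-9454b7433219"
    for sample in ([gid.upper()], [], None, {"error": "throttled"}):
        print(sample, decide(sample, gid))
```

Recording the reason string alongside the decision makes it possible to tell a real non-member from a failed or throttled call.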

Returns

Create group

Create a group in your AAD tenant.

Parameters

Name Key Required Type Description
Display Name
displayName True string

Display name of the new group.

Description
description True string

Description of the new group.

Mail Nickname
mailNickname True string

The mail alias of the new group.

groupTypes string

Choose 'Unified' for an O365 group. Choose 'None' for a security group.

Security Enabled
securityEnabled True boolean

True if the new group is a security group.

Mail Enabled
mailEnabled True boolean

True if the new group is a mailing group.

Returns

Name Path Type Description
@odata.context
@odata.context string

@odata.context

id
id string

id

deletedDateTime
deletedDateTime string

deletedDateTime

classification
classification string

classification

createdDateTime
createdDateTime date-time

createdDateTime

description
description string

description

displayName
displayName date-time

displayName

groupTypes
groupTypes array of string

groupTypes

mail
mail string

mail

mailEnabled
mailEnabled boolean

mailEnabled

mailNickname
mailNickname date-time

mailNickname

onPremisesLastSyncDateTime
onPremisesLastSyncDateTime string

onPremisesLastSyncDateTime

onPremisesSecurityIdentifier
onPremisesSecurityIdentifier string

onPremisesSecurityIdentifier

onPremisesSyncEnabled
onPremisesSyncEnabled boolean

onPremisesSyncEnabled

proxyAddresses
proxyAddresses array of string

proxyAddresses

renewedDateTime
renewedDateTime date-time

renewedDateTime

securityEnabled
securityEnabled boolean

securityEnabled

visibility
visibility string

visibility

Create user

Create a new user in your AAD tenant.

Parameters

Name Key Required Type Description
Account Enabled
accountEnabled True boolean

True if the new account should be enabled when it is created.

Display Name
displayName True string

The name displayed in the address book for the user.

Mail Nickname
mailNickname True string

The mail alias for the user.

Password
password True string

The password for the user. The user will be required to change the password on the next login.

User Principal Name
userPrincipalName True string

The user principal name (UPN) of the user.

Given Name
givenName string

The user's given name (first name).

Surname
surname string

The user's surname (family name or last name).

Business Phone
businessPhones string

Business phone number for the new user in any format such as '1 (234) 567-8910'.

Department
department string

The name for the department in which the user works.

Job Title
jobTitle string

The user’s job title.

Mobile Phone
mobilePhone string

The mobile phone number for the user in any format such as '1 (234) 567-8910'.

Office Location
officeLocation string

The office location in the user's place of business.

Preferred Language
preferredLanguage string

The preferred language for the user. Should follow ISO 639-1 Code; for example 'en-US'.
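An added example (not part of the connector or its documentation): a pre-flight check in Python that validates a Create user body against the parameter table above and draws the one-time initial password from the OS CSPRNG. The UPN pattern, the password length and symbol set, the rejection of unlisted keys and the `contoso.example` domain are assumptions of this example.

```python
import re
import secrets
import string

# Required keys and their types, from the "Create user" parameter table.
REQUIRED = {"accountEnabled": bool, "displayName": str, "mailNickname": str,
            "password": str, "userPrincipalName": str}
# Optional keys from the same table (all typed string there).
OPTIONAL = {"givenName", "surname", "businessPhones", "department", "jobTitle",
            "mobilePhone", "officeLocation", "preferredLanguage"}
UPN_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")  # assumption: minimal name@domain shape
SYMBOLS = "!#$%&*+-=?@^_"  # assumption: symbol set chosen for this example


def initial_password(length=20):
    """One-time password from the OS CSPRNG containing all four character classes."""
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]
    chars = [secrets.choice(c) for c in classes]
    chars += [secrets.choice("".join(classes)) for _ in range(length - len(classes))]
    secrets.SystemRandom().shuffle(chars)  # avoid a predictable class order
    return "".join(chars)


def validate_create_user(body):
    """Return a list of problems; an empty list means the body matches the table."""
    problems = []
    for key, typ in REQUIRED.items():
        if key not in body:
            problems.append(f"missing required field: {key}")
        elif type(body[key]) is not typ:
            problems.append(f"{key} must be {typ.__name__}")
        elif typ is str and not body[key].strip():
            problems.append(f"{key} must not be empty")
    for key in sorted(set(body) - set(REQUIRED) - OPTIONAL):
        problems.append(f"unexpected field: {key}")  # assumption: reject unlisted keys
    for key in sorted(OPTIONAL & set(body)):
        if not isinstance(body[key], str):
            problems.append(f"{key} must be str")
    upn = body.get("userPrincipalName")
    if isinstance(upn, str) and upn.strip() and not UPN_RE.match(upn):
        problems.append("userPrincipalName must look like name@domain")
    return problems


if __name__ == "__main__":
    # Constructed sample; contoso.example is a placeholder domain.
    sample = {"accountEnabled": True, "displayName": "Test User", "mailNickname": "testuser",
              "password": initial_password(), "userPrincipalName": "testuser@contoso.example"}
    print(validate_create_user(sample))
```

Keep the generated password out of workflow run history and logs, since it remains valid until the user's first sign-in.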

Returns

Get group

Get details for a group.

Parameters

Name Key Required Type Description
Group Id
id True string

Unique identifier of a group (Ex. '40639f36-46a6-73a6-91e2-9584b7913429').

Returns

Get group members

Get the users who are members of a group.

Parameters

Name Key Required Type Description
Group Id
id True string

Unique identifier of a group (Ex. '40639f36-46a6-73a6-91e2-9584b7913429').

Top
$top integer

Limit on the number of results to return (default = all).

Returns

Get groups of a user

Get the groups a user is a member of.

Parameters

Name Key Required Type Description
User Id or Principal Name
id True string

Unique identifier of a user (Ex. 'user@tenant.onmicrosoft.com' or '5f6ce5c7-b521-4842-9bbe-3f6d5aa5e35b').

Security Enabled Only
securityEnabledOnly True boolean

Determines if only security enabled groups should be fetched.

Returns

Get user

Get details for a user.

Parameters

Name Key Required Type Description
User Id or Principal Name
id True string

Unique identifier of a user (Ex. 'user@tenant.onmicrosoft.com' or '5f6ce5c7-b521-4842-9bbe-3f6d5aa5e35b').

Returns

Remove Member From Group

Remove Member From Group

Parameters

Name Key Required Type Description
Group Id
groupId True string

The Id of the group.

Member Id
memberId True string

The Id of the member.

Update user

Update the info for a user.

Parameters

Name Key Required Type Description
User Id or Principal Name
id True string

Unique identifier of a user (Ex. 'user@tenant.onmicrosoft.com' or '5f6ce5c7-b521-4842-9bbe-3f6d5aa5e35b').

User Principal Name
userPrincipalName string

The user principal name (UPN) of the user.

Display Name
displayName string

The name displayed in the address book for the user.

Mail Nickname
mailNickname string

The mail alias for the user.

Given Name
givenName string

The given name (first name) of the user.

Surname
surname string

The user's surname (family name or last name).

Account Enabled
accountEnabled boolean

True if the new account should be enabled.

Job Title
jobTitle string

The user’s job title.

Department
department string

The name for the department in which the user works.

Mobile Phone
mobilePhone string

The mobile phone number for the user in any format such as '1 (234) 567-8910'.

Office Location
officeLocation string

The office location in the user's place of business.

Preferred Language
preferredLanguage string

The preferred language for the user. Should follow ISO 639-1 Code; for example 'en-US'.

Business Phone
businessPhones string

Business phone number for the new user in any format such as '1 (234) 567-8910'.

Definitions

GetGroup_Response

Name Path Type Description
Id
id string

The unique identifier for the group.

Deleted Date Time
deletedDateTime date-time

Date-time the group was deleted.

Created Date Time
createdDateTime date-time

Date-time the group was created.

Description
description string

An optional description for the group.

Display Name
displayName string

The display name for the group.

Mail
mail string

The SMTP address for the group.

Mail Enabled
mailEnabled boolean

True if the group is mail-enabled.

On Premises Last Sync Date Time
onPremisesLastSyncDateTime date-time

A date-time indicating the last time at which the group was synced with the on-premises directory.

On Premises Sync Enabled
onPremisesSyncEnabled boolean

True if this group is synced from an on-premises directory.

Security Enabled
securityEnabled boolean

True if the group is a security group.

Visibility
visibility string

Visibility of the group (public or private).

GetUser_Response

Name Path Type Description
Id
id string

A unique identifier for the user.

Business Phones
businessPhones array of string
Display Name
displayName string

The name displayed in the address book for the user.

Given Name
givenName string

The given name (first name) of the user.

Job Title
jobTitle string

The user’s job title.

Mail
mail string

The SMTP address for the user.

Mobile Phone
mobilePhone string

The primary cellular telephone number for the user.

Office Location
officeLocation string

The office location in the user's place of business.

Preferred Language
preferredLanguage string

The preferred language for the user. Should follow ISO 639-1 Code; for example 'en-US'.

Surname
surname string

The user's surname (family name or last name).

User Principal Name
userPrincipalName string

The user principal name (UPN) of the user.

GetMemberGroups_Response

Name Path Type Description
Member Group Id
string

An id of a group the user is a member of.

GetGroupMembers_Response

Name Path Type Description
Group Members
value array of GetUser_Response

Array of users that are members of the group.