Last updated: 2022-02-02

Source: https://support.freshservice.com/support/solutions/articles/50000003328-installation-guide-for-azure-active-directory-app-orchestration-saas-

Overview

Perform operations in Azure AD using workflows and track apps, users and usage in Freshservice.

Description

The Azure AD integration lets you automate repeatable actions within Freshservice and also helps you track accurate usage information for SaaS Management.

Orchestration

Orchestration apps give you the ability to automate several repeatable actions that span across a diverse set of systems by performing specific actions with Freshservice Workflows. With the Azure app you can perform actions for:

User Management

01. Create User

02. Update User

03. Add User to Group

04. Reset Password

05. Delete User

06. Disable User

07. Get Users Details by User ID

08. Get Users Details by Username

09. Revoke users sign in sessions by ID

10. Revoke users sign in sessions by username

11. Assign Manager to User

12. Get Users Manager By Username

13. Enable User by Username

14. Enable User by User ID

15. Check Is User Enabled By Username

16. Check Is User Enabled By ID

17. Lookup extension property

18. Get User Properties

19. Add User to Multiple Groups

20. Check User is Part of Group by Username

21. Check User is Part of Group by User ID

22. Get Group Membership Of User By Username

23. Remove User from Groups by User ID

Group Management

1. Create Group

2. Update Group

3. Delete Group

4. Get Group Details

5. Remove Group Owner

6. Remove Group Member

7. Assign Group Ownership to User using User ID

8. Assign Group Ownership to User by Username

9. Add User to Multiple Groups

Application Management

1. Get Application Details

2. Remove Application Password

3. Delete Application

Directory Objects Management

1. Delete Directory Object with ID

Organization Management

1. Get Organization Details

License Management

1. Add License To User with Username

2. Add License To User with ID

3. Remove Licenses with Username

4. Remove Licenses with ID

5. Add License to Group

6. Remove Licenses from Group

Administrative Units

1. Create Administrative Unit

2. Update Administrative Unit

3. Get Administrative Unit By Id

4. Lookup Administrative Unit By Name

5. Delete Administrative Unit

6. Add Users To Administrative Unit

7. Add Groups To Administrative Unit

8. Remove Users From Administrative Unit

9. Remove Groups From Administrative Unit

SaaS Management

Freshservice’s direct integrations for SaaS management enable accurate and reliable user and usage data discovery. Integrate with Azure AD to:

  • Discover and track the usage of apps that employees authenticate using Azure AD.
  • Manage users and their data for these apps.
  • Track their 60-day login history in Freshservice with a 24-hour sync ensuring updated information.

This integration requires the SaaS Management Add-on. More details can be found here.

To use this integration for SaaS Management:

  • Enable the SaaS Discovery toggle and provide the Freshservice Domain Name & the Agent API Key.
    Note: To know more about what SaaS Discovery is, click here.
  • Click Verify.
  • Once the verification is successful, click Add and complete the installation by clicking on Install.
    Note: The first sync might take a couple of hours depending on your data load.

Note:

To discover the 60-day login activity from Azure AD to Freshservice, this integration requires the user configuring the integration to have an Azure Directory Premium P1 or P2 license. The integration can be used even if you don’t have this license, but user login activity will not be available in Freshservice.

Prerequisites

A. Azure Active Directory App Should Be Created

1. Log in to your account on the Azure portal and search for “Azure Active Directory”.

2. On the Active Directory page, in the left side panel, click on App Registrations.

3. Then click on New registration.

4. Enter a meaningful name for your app, such as “fs-orchestration”.

5. Click on Register.

B. Permissions Should Be Assigned

In the Azure portal, go to Azure Active Directory.

1. Click on “App Registrations”, then select your app.

2. Click on “API Permissions”.

3. Then, “Add Permissions” > “Microsoft Graph” > “Application Permissions”.

4. Select the permissions mentioned below:

  • Application.ReadWrite.All
  • User.ReadWrite.All
  • Group.ReadWrite.All
  • Organization.Read.All
  • Directory.ReadWrite.All
  • AdministrativeUnit.ReadWrite.All

If you're enabling the integration for SaaS management, select the following permissions in addition to the above:

  • AuditLog.Read.All
  • Directory.Read.All
  • Reports.Read.All (Optional - If you plan to integrate the Microsoft 365 integration for SaaS Discovery, adding this permission will allow you to use the same Client ID & Secret to set up the other integration as well)

5. Make sure you click on “Grant Admin Consent for Directory”.
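A check that the registration ended up with the Graph application permissions listed above and nothing broader, as an added example (not Freshservice or Microsoft code). It decodes the `roles` claim of an app-only access token without verifying the signature, for inspection only; the assumption is that granted application permissions appear in that claim, and the function names and sample token are constructed for illustration.

```python
import base64
import json

# Application permissions listed in this guide (Microsoft Graph).
ORCHESTRATION = {
    "Application.ReadWrite.All", "User.ReadWrite.All", "Group.ReadWrite.All",
    "Organization.Read.All", "Directory.ReadWrite.All",
    "AdministrativeUnit.ReadWrite.All",
}
SAAS_REQUIRED = {"AuditLog.Read.All", "Directory.Read.All"}
SAAS_OPTIONAL = {"Reports.Read.All"}


def token_claims(jwt: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_roles(jwt: str, saas_management: bool = False) -> dict:
    """Compare the token's 'roles' claim with the permissions the guide lists."""
    granted = set(token_claims(jwt).get("roles", []))
    required = ORCHESTRATION | (SAAS_REQUIRED if saas_management else set())
    allowed = required | (SAAS_OPTIONAL if saas_management else set())
    return {
        "missing": sorted(required - granted),    # not added, or consent not granted
        "unexpected": sorted(granted - allowed),  # broader than the guide requires
    }


def constructed_token(roles: list) -> str:
    """Build an unsigned sample token (constructed, not a real Azure AD token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    claims = {"appid": "00000000-0000-0000-0000-000000000000", "roles": roles}
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])


if __name__ == "__main__":
    # Constructed case: one listed permission missing, one unlisted permission present.
    roles = sorted(ORCHESTRATION - {"Group.ReadWrite.All"}) + ["Mail.Read"]
    print(audit_roles(constructed_token(roles)))
```

An entry under "unexpected" means the client secret grants more tenant-wide access than the integration needs and is worth removing from the registration.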

C. Additional Permission Should Be Assigned for Reset Password Action

In the Azure portal, go to Azure Active Directory.

1. Go to Azure AD -> Roles and administrators.

2. Search for the User administrator role and select it.

3. Click on Add assignment and search for the app created in Prerequisite point A, select the app from the search results, then click Save.

Installation Parameters

1. Client ID

2. Key (Secret Value)

3. Active Directory Domain

Installation Parameters Description

All installation parameters can be found in the Azure portal.

1. Once you log in to your account on the Azure portal, search for “Azure Active Directory”.

2. On the Active Directory page, in the left side panel, click on Overview > Copy “Primary Domain”, i.e. your Active Directory Domain.

3. App Registrations > Open App > Copy “Application (client) ID”.

4. App Registrations > Certificates & secrets (left panel) > Click on “New client secret” > Copy “Value”, which is your secret key.

Please ensure that you copy and save this key, since it will not be visible after it is created.

Use Cases

Now that you've successfully installed the Azure AD orchestration app, see the sample use cases below, which show how the app can be used efficiently.

  • Sample Use Case for Azure AD Orchestration App - Employee Onboarding
  • Sample Use Case for Azure AD Orchestration App - M365 License Assignment during Onboarding