
You're reading from  Workflow Automation with Microsoft Power Automate - Second Edition

Product type: Book
Published in: Aug 2022
Publisher: Packt
ISBN-13: 9781803237671
Edition: 2nd Edition
Author: Aaron Guilmette

Aaron Guilmette is a Senior Program Manager with the Microsoft 365 Customer Experience, helping customers adopt and deploy the Microsoft 365 platform. He primarily focuses on collaborative technologies, including Microsoft Teams, Exchange Online, and Azure Active Directory.

Automating Azure AD

Up until this point, we’ve focused on using Power Automate as a workflow engine from a user’s perspective. We’ve focused on processing email, SharePoint lists and documents, files and folders, and approval workflows.

Shifting gears away from purely business application automation, we’re going to look at Power Automate’s capabilities when it comes to working directly with Azure Active Directory (Azure AD or AAD) administration. Azure AD is the identity store used for applications and services across the Microsoft 365 ecosystem. When it comes to reporting or group management, there are a number of routine operational tasks that hold potential for automation. From an administrative perspective, they can be important tasks that come at a high labor cost if you need to continuously switch between a ticketing system and one or more administrative interfaces.

While Azure AD does have a lot of native group management and...

Technical requirements

Since we’re going to be working with Azure AD to retrieve user data, you’ll need an account that has global administrator access to configure your Azure AD and Microsoft 365 environments. If you’re following along using a trial tenant that you created, you should already have all of the required permissions. However, if you’re working on this in a production tenant where you don’t have the required rights, you’ll need to work with administrators who can configure the appropriate delegated permissions in the Configuring prerequisites section.

In addition to required permissions, you’ll need to walk through a procedure to configure MFA in your tenant. Configuring MFA is outside the scope of this book. However, if you are interested in learning more about it or configuring it, you can visit https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted.

While MFA doesn...

Learning about connectors and actions

In this chapter, we’re going to build on knowledge gained in other chapters, such as working with conditions, dynamic content tokens, and sending emails. We’re going to then layer on several new concepts surrounding Azure AD, including the HTTP, Parse JSON, and Create CSV table actions.

HTTP action

While working with Azure AD can typically be done using the standard Azure AD connector objects (such as the Azure AD connector and the Office 365 Groups connector), the property that stores MFA registration information is not exposed through those connectors.

In order to retrieve this data, we’ll need to look to another source: the Microsoft Graph API (commonly referred to as just the Graph API). The Microsoft Graph API is a REST-based API that allows you to interact with data stored in Azure AD. Since the data we’re looking for is stored in Azure AD, the Graph API is the natural choice for working with this...

Configuring prerequisites

Since the HTTP flow that we’re going to configure doesn’t have a way to enter a traditional username and password as the authentication mechanism, we’re going to create or register a special application with the appropriate permissions.

In addition, you’ll also need to configure a client secret, which is the application’s equivalent to a password. Together, the tenant information, application information, and client secret will be used to provide the necessary authentication to execute the flow.

Configuring an Azure AD application

To register a new Azure AD application for this flow, follow these steps:

  1. Log in to the Azure AD portal (https://portal.azure.com) using an identity with global administrator privileges.
  2. In the search bar, search for App registrations and select it:

Figure 15.1: Navigating the Azure portal

  3. Click New registration:

Figure 15.2: Creating...

Creating an HTTP flow

In this section, we’re going to create the flow to retrieve the MFA registration data. Let’s begin!

Gathering the data

The first part of creating the flow is going to require connecting to Azure AD to retrieve the data necessary for building a report. We’ll use an HTTP action to query Azure AD.

In this chapter, we’re just going to focus on one of the REST resources in the Microsoft Graph API endpoint. There are hundreds of different resources that you can work with to retrieve and modify data. For a complete list of Graph API resources, see https://docs.microsoft.com/en-us/graph/api/overview.

To configure the HTTP action, follow these steps:

  1. Navigate to the Power Automate web portal (https://flow.microsoft.com) and click Create.
  2. Click Scheduled cloud flow.
  3. Configure a Flow name.
  4. Configure the schedule settings under Run this flow to execute weekly, and click Create when finished...

Testing the flow

To test this flow, you can click Test in the upper-right corner of the Power Automate canvas area, as shown in Figure 15.32:

Figure 15.32: Testing the flow

Select the options to manually kick off a test flow. After successfully launching a test, you can watch the active run history in the Power Automate canvas area, as shown in Figure 15.33:

Figure 15.33: Watching a flow run

If any of the actions or steps return errors, you can expand the step and review the output.

Verifying the flow

The final step is to review the email that was sent. To do so, log in to the mailbox that was used as the recipient for the Send an email (V2) action and look for the message:

Figure 15.34: Reviewing the email message with the attached report

You can open the attachment and view the details, as shown in Figure 15.35:

Figure 15.35: Examining the attachment

If everything worked correctly, you should have a report that includes all users in your Microsoft 365 tenant that do not have MFA enabled.
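
To cross-check the report, the flow's retrieve, parse, filter and CSV steps can be reproduced outside Power Automate; the following is an added example, not code from the book, and it goes beyond the text by following Graph's `@odata.nextLink` paging and by neutralizing spreadsheet formulas in cell values. The endpoint URL, the `isMfaRegistered` property and the sample users are assumptions or constructed values, since the excerpt does not name the resource the flow queries.

```python
import csv
import io

# Assumed Graph resource; the chapter excerpt does not say which one the flow calls.
FIRST = "https://graph.microsoft.com/v1.0/reports/authenticationMethods/userRegistrationDetails"
NEXT = FIRST + "?$skiptoken=constructed"

# Constructed sample pages shaped like Graph collection responses (not real data).
SAMPLE_PAGES = {
    FIRST: {"value": [
        {"userPrincipalName": "adele@contoso.example", "userDisplayName": "Adele V", "isMfaRegistered": True},
        {"userPrincipalName": "bob@contoso.example", "userDisplayName": "=1+1", "isMfaRegistered": False},
    ], "@odata.nextLink": NEXT},
    NEXT: {"value": [
        {"userPrincipalName": "carol@contoso.example", "userDisplayName": "Carol, D", "isMfaRegistered": False},
        {"userPrincipalName": "svc@contoso.example", "userDisplayName": "Svc"},  # property absent
    ]},
}

def fetch_all(first_url, get_page):
    """Yield every item, following @odata.nextLink so later pages are not dropped."""
    url, seen = first_url, set()
    while url:
        if url in seen:
            raise ValueError("nextLink loop detected")
        seen.add(url)
        page = get_page(url)  # in a live run: an authenticated HTTP GET returning parsed JSON
        yield from page.get("value", [])
        url = page.get("@odata.nextLink")

def safe_cell(text):
    """Prefix values a spreadsheet would otherwise evaluate as a formula."""
    text = "" if text is None else str(text)
    return "'" + text if text[:1] in ("=", "+", "-", "@") else text

def mfa_gap_csv(first_url, get_page):
    """Return CSV text listing users not confirmed as MFA-registered."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["userPrincipalName", "userDisplayName", "isMfaRegistered"])
    for user in fetch_all(first_url, get_page):
        if user.get("isMfaRegistered") is not True:  # a missing value is reported, not hidden
            names = [safe_cell(user.get(k)) for k in ("userPrincipalName", "userDisplayName")]
            writer.writerow(names + [user.get("isMfaRegistered", "unknown")])
    return out.getvalue()

REPORT = mfa_gap_csv(FIRST, SAMPLE_PAGES.__getitem__)
```

A report built from the first page alone would silently omit every user on later pages, so the row count is worth comparing against the tenant's user count.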

Expanding further

In addition to just creating CSV output, you can also explore richer data alternatives. One such option is to create an HTML table to include directly in the email.

The Create HTML table data action functions identically to the Create CSV table action, with the exception that the output is basic HTML-formatted data instead of comma-separated data. You can potentially improve your email’s usability by including the HTML output in the body of the email message.

Summary

Being able to work with Azure AD opens up a lot of administration and reporting tasks to automation. Using Power Automate to help process reporting data or other administrative tasks can potentially free up precious time to work on other high-value tasks.

In this chapter, you learned how to start working with Azure AD directly. You learned how to interact with the Microsoft Graph API to retrieve data about MFA information, parse and filter it, and then add the output as a CSV attachment to an email. You were introduced to several new actions (including HTTP, Parse JSON, and Create CSV table) and used them to retrieve and format data in a way that could be easily interpreted by a person.

In the next chapter, we’re going to start working with robotic process automation.

Learn more on Discord

To join the Discord community for this book – where you can share feedback, ask questions to the author, and learn about new releases – follow the QR...
