Retrieves stored user data in Azure Active Directory
Category: Active Directory
Description: This extension module performs a user data request against Azure AD.
Functionality: Use this extension module to retrieve the data stored for a user in Azure Active Directory.
Prerequisites
- Azure Active Directory account: you must have an Azure AD account. If you don't have one, you can sign up and create one here.
Definition: Azure Active Directory is a cloud-based directory service that enables organizations to manage user and resource access and identity in the cloud and on their local networks. Each user registered in Azure Active Directory receives a unique identifier called the "Object ID", an alphanumeric value that uniquely identifies that user within the directory. This identifier can be used in various operations, such as assigning permissions and performing queries and searches in the directory. In summary, the Object ID is a key element for user management and administration in Azure Active Directory.
Implementation
Object Identifier in Azure Active Directory: A string field holding the Object ID that uniquely identifies the user in Azure Active Directory. For example, "93f06bf1-4408-4b29-9737-c5e94dfsasf7a1".
TENANT Identifier in Azure Active Directory: The TENANT identifier in Azure Active Directory (Azure AD) is a unique alphanumeric value that exclusively identifies the Azure AD instance to which an organization belongs. The term "tenant" refers to an Azure AD instance that represents the organization and its users, groups, and resources in the Azure AD directory.
Client Identification in Azure Active Directory: The Client Identification in Azure Active Directory (Azure AD) is a unique value used to exclusively identify an application or service interacting with Azure AD. This identifier is used to authorize and authenticate the application or service in Azure AD and to register and track its interactions and transactions in the directory.
Client Secret in Azure Active Directory: The Client Secret in Azure Active Directory (Azure AD) is a value used as an authentication and authorization method for applications integrating with Azure AD. The client secret is a randomly generated string of characters used to identify and authenticate an application or service in Azure AD. Client secrets in Azure AD have an expiry date; keep the configured value current and store it as a secret rather than in plain text in the flow.
Graph API Version: The Active Directory data is retrieved using the Microsoft Graph API on graph.microsoft.com. This field specifies the Graph API version to use (for example v1.0 or beta).
If VERSION_API_GRAPH = beta is used, the component's result will be similar to the one shown below:
Output Entity: Entity that returns a JSON with the user information retrieved from Active Directory. It is important to note that the user's email is in the 'email' property of the JSON.
Response JSON Structure:
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#users/$entity",
"id": "93f06bf1-4408-4b29-7777-c5e94dfsasf7a1",
"deletedDateTime": null,
"accountEnabled": true,
"ageGroup": null,
"businessPhones": [],
"city": null,
"createdDateTime": "2020-03-23T18:30:13Z",
"creationType": null,
"companyName": null,
"consentProvidedForMinor": null,
"country": null,
"department": null,
"displayName": "demo",
"employeeId": null,
"employeeHireDate": null,
"employeeType": null,
"faxNumber": null,
"givenName": "demo",
"imAddresses": [],
"infoCatalogs": [],
"isManagementRestricted": null,
"isResourceAccount": null,
"jobTitle": null,
"legalAgeGroupClassification": null,
"mail": null,
"mailNickname": "demo",
"mobilePhone": null,
"onPremisesDistinguishedName": "CN=demo,OU=_E-contact,DC=e-contact,DC=cl",
"officeLocation": null,
"onPremisesDomainName": "e-contact.cl",
"onPremisesImmutableId": "c5GyVfddsfkGs/o3dd3anuM6g==",
"onPremisesLastSyncDateTime": "2020-12-10T16:24:27Z",
"onPremisesSecurityIdentifier": "S-1-5-21-842925246-688744444-839522115-dfasdf23",
"onPremisesSamAccountName": "demo",
"onPremisesSyncEnabled": true,
"onPremisesUserPrincipalName": "demo@e-contact.cl",
"otherMails": [],
"passwordPolicies": "DisablePasswordExpiration",
"postalCode": null,
"preferredDataLocation": null,
"preferredLanguage": null,
"proxyAddresses": [],
"refreshTokensValidFromDateTime": "2020-03-23T18:08:13Z",
"showInAddressList": null,
"signInSessionsValidFromDateTime": "2020-03-23T18:08:13Z",
"state": null,
"streetAddress": null,
"surname": null,
"usageLocation": null,
"userPrincipalName": "demo@e-contact.cl",
"externalUserState": null,
"externalUserStateChangeDateTime": null,
"userType": "Member",
"employeeOrgData": null,
"passwordProfile": null,
"assignedLicenses": [],
"assignedPlans": [],
"deviceKeys": [],
"identities":
[
{
"signInType": "userPrincipalName",
"issuer": "econtactcl.onmicrosoft.com",
"issuerAssignedId": "demo@e-contact.cl"
}
],
"onPremisesExtensionAttributes":
{
"extensionAttribute1": null,
"extensionAttribute2": null,
"extensionAttribute3": null,
"extensionAttribute4": null,
"extensionAttribute5": null,
"extensionAttribute6": null,
"extensionAttribute7": null,
"extensionAttribute8": null,
"extensionAttribute9": null,
"extensionAttribute10": null,
"extensionAttribute11": null,
"extensionAttribute12": null,
"extensionAttribute13": null,
"extensionAttribute14": null,
"extensionAttribute15": null
},
"onPremisesProvisioningErrors": [],
"provisionedPlans": [],
"email": "demo@e-contact.cl"
}
Error Handler: The intention to execute if an error occurs. The action flow is interrupted, and the error description is passed to the selected intention, named 'AzureAD_email_Error'.
Implementation Example
Field | Value |
---|---|
Object Identifier in Azure Active Directory: | IdUserAD |
TENANT Identifier in Azure Active Directory: AzureAD_CLIENT_ID: | d4914415-cccc-499e-9407-c7a41b14bc80 |
Client Identification in Azure Active Directory: | 93f06bf1-4408-4b29-9737-c5e94dfsasf7a1 |
Client Secret in Azure Active Directory: | '8461cc23-cccc-42f0-b963-44444374eea4' |
Graph API Version: | 'v1.0' |
Entity that returns a JSON with the user information: | @OUTPUT_RESULT_ENTITY |
Error Handler: | ErrorHandler |
Returns the data stored in Azure Active Directory based on the user's Identifier.
The result of this query is a JSON with the following format:
{
"@odata.id": "https://graph.microsoft.com/v2/b5fc69f5-cda9-4db2-bd83-8bd9d99bb819/directoryObjects/7ec6551d-5267-4b5e-a6d0-c632237def3ab/Microsoft.DirectoryServices.User",
"businessPhones": [],
"displayName": "Pedro Perez",
"givenName": "Pedro",
"jobTitle": null,
"mail": null,
"mobilePhone": null,
"officeLocation": null,
"preferredLanguage": null,
"surname": "Perz",
"userPrincipalName": "demo@e-contact.cl",
"id": "3245478-5267-4b5e-a6d0-c69167def3ab",
"email": "demo@e-contact.cl"
}
If the user identifier is not found or if the email is null, it returns the following JSON:
{
"email": "EmailNotFound"
}
This process returns the email in the entity specified in the OUTPUT_RESULT_ENTITY parameter. If the object ID is not in Active Directory, or the email is empty or incorrectly formatted, it returns the text EmailNotFound.
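As an added example (not the module's own code), the following shows the two URLs the module's configuration fields resolve to and how the output entity is shaped, including the EmailNotFound case described above. The e-mail resolution order (mail, then userPrincipalName), the identifier allowlist and the sample responses are assumptions constructed for the example, not documented behaviour of the module.

```python
import re
from urllib.parse import quote

# Constructed sample: abridged shape of a Graph /users/{id} response.
GRAPH_USER_OK = {
    "id": "93f06bf1-4408-4b29-7777-c5e94dfsasf7a1",
    "displayName": "demo",
    "mail": None,
    "userPrincipalName": "demo@e-contact.cl",
}
# Constructed sample: the user exists but neither address field is a usable e-mail.
GRAPH_USER_NO_MAIL = {"id": "11111111-1111-1111-1111-111111111111",
                      "mail": "", "userPrincipalName": "demo"}

EMAIL_NOT_FOUND = {"email": "EmailNotFound"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
# Allowlist (assumption) for identifiers taken from flow variables such as IdUserAD:
# they are placed in a URL path, so anything that is not an id-looking token is rejected.
OBJECT_ID_RE = re.compile(r"^[A-Za-z0-9-]{1,64}$")
SUPPORTED_VERSIONS = ("v1.0", "beta")


def graph_user_request(tenant_id: str, api_version: str, object_id: str):
    """Return (token_url, user_url) the module would call; no network access here."""
    if api_version not in SUPPORTED_VERSIONS:
        raise ValueError(f"unsupported Graph API version: {api_version!r}")
    if not OBJECT_ID_RE.match(tenant_id) or not OBJECT_ID_RE.match(object_id):
        raise ValueError("identifier contains characters not allowed in a Graph path")
    # Client-credentials token endpoint of the tenant (scope https://graph.microsoft.com/.default).
    token_url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    user_url = f"https://graph.microsoft.com/{api_version}/users/{quote(object_id, safe='')}"
    return token_url, user_url


def resolve_email(user: dict):
    """Assumption (not stated on the page): prefer 'mail', fall back to userPrincipalName."""
    for candidate in (user.get("mail"), user.get("userPrincipalName")):
        if isinstance(candidate, str) and EMAIL_RE.match(candidate.strip()):
            return candidate.strip()
    return None


def build_output_entity(status_code: int, body):
    """Shape OUTPUT_RESULT_ENTITY: the user JSON plus 'email', or EmailNotFound."""
    if status_code != 200 or not isinstance(body, dict):  # e.g. 404 for an unknown object id
        return dict(EMAIL_NOT_FOUND)
    email = resolve_email(body)
    if email is None:  # null, empty or malformed address
        return dict(EMAIL_NOT_FOUND)
    return {**body, "email": email}
```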