What's my plan?
All Suites Team, Growth, Professional, Enterprise, or Enterprise Plus
Support Team, Professional, or Enterprise

Verified AI summary ◀▼

Integrate Microsoft Entra ID with action flows to automate workflows and enhance collaboration. Connect using a service account for security, and manage user and group details with actions like Lookup user, Lookup group, Add user to group, and Remove member from group. Follow best practices for secure credential management to protect your identity and access management system.

By connecting the action builder to external systems, such as Microsoft Entra ID, admins can integrate Zendesk with external systems in automated workflows, improving collaboration and maintaining a seamless experience across multiple platforms.
Note: The steps associated with external systems in action flows are referred to collectively as external actions.
This article contains the following topics:
  • Connecting Microsoft Entra ID to action builder
  • Using Microsoft Entra ID actions in action flows

Connecting Microsoft Entra ID to action builder

Before you can include external actions in your action flows, you must connect the action builder to the external system.

When connecting to external systems for use in action flows, the following best practices are recommended:
  • All external actions performed by an action flow are attributed to the user who connected the external system. Therefore, it's a best practice to use a dedicated service account rather than personal credentials when connecting to each external system.
  • All integrations request access to necessary scopes. However, it's important that you review and validate the scopes before authorizing the connection to the external system.
  • When managing credentials for API key-based tools, such as OpenAI, it's best to store keys in a secure vault or credential manager.
To connect action builder to Microsoft Entra ID
  1. In Admin Center, click Apps and integrations in the sidebar, then select Actions > Action flows.
  2. Create or edit an action flow.
  3. Open the step sidebar.
  4. Under External actions, click Microsoft Entra.
  5. Click Connect.
  6. Use Microsoft to authenticate the account.

    The following Microsoft Graph API scopes and permissions must be authorized during the OAuth connection process: User.Read.All, Group.Read.All, GroupMember.Read.All, GroupMember.ReadWrite.All.

    Note: All external actions performed by an action flow are attributed to the user who connected the external system. Therefore, it is a best practice to use a dedicated service account rather than personal credentials when connecting to each external system.

After you've connected to the system, you'll see an indicator that it's connected and details about the instance you're connected to, as well as the actions available for Microsoft Entra ID.

Important: Use the Microsoft Entra ID connector with caution, as it interacts directly with your Identity and Access Management system and handles sensitive authentication and authorization information. Misconfiguration or improper use can lead to unauthorized access, breaches, or compromise of your platform security. Follow best security practices, including the principle of least privilege and secure credential management.

Using Microsoft Entra ID actions in action flows

Microsoft Entra ID action steps can be used to search users, look up user and group details, manage group memberships, and perform identity management tasks.

The following Microsoft Entra ID actions are available:
  • Lookup user
  • Lookup group
  • Add user to group
  • Remove member from group

Looking up a user

Use the Lookup user action to look up a user.

This action has the following inputs and outputs:

  Variables
Inputs Required: User ID

Optional: User principal name, Email
Output User details such as id, displayName, givenName, surname, mail, userPrincipalName, jobTitle

Looking up a group

Use the Lookup group action to look up a group.

This action has the following inputs and outputs:

  Variables
Inputs Required: Group ID
Output

User details such as id, displayName, description, mail, mailEnabled, securityEnabled

Adding a user to a group

Use the Add user to group action to add a user to a group.

This action has the following inputs and outputs:

  Variables
Inputs Required: User ID, Group ID
Output Success or failure

Removing a member from a group

Use the Remove member from group action to remove a member from a group.

This action has the following inputs and outputs:

  Variables
Inputs Required: User ID, Group ID
Output Success or failure
Powered by Zendesk