Azure Active Directory

Azure Active Directory is a cloud-based directory service developed by Microsoft that helps organizations manage customer and employee information. Basic features include use of directory objects, federated authentications, and password protections. Enterprise and premium editions offer more capabilities. For more information on Azure Active Directory, see the company website.

In the context of Nintex Automation Cloud, Azure Active Directory is a connector Service used to define a connection required for associated actions and start events. Examples include Salesforce and Box. Method of integration to cloud services, business applications and content stores.. The Azure Active Directory connector Service used to define a connection required for associated actions and start events. Examples include Salesforce and Box. Method of integration to cloud services, business applications and content stores. is used to create connections for Azure Active Directory actions A tool for building the processes, logic, and direction within workflows.. Use Azure Active Directory actions to get specific information about users and managers in your organization, and to search for users in Azure Active Directory based on conditions you specify.

While you can use any editions of Azure Active Directory, the premium editions include more features designed for password resets, third-party integrations, identity protection, and more. See Azure Active Directory pricing for more information.

Jump to:

Create an Azure Active Directory connection

Create a connection from the connections page or from the action configuration panel when configuring the action. For information about creating connections and assigning permissions, see Manage connections.

Note: Your browser-stored credentials are accessed to create connections. Either clear credentials from browser memory or make sure the stored credentials are for the intended environment.

Azure Active Directory account requirements

  • Type of Azure Active Directory edition required to use with Nintex Automation Cloud:

    While you can use any editions of Azure Active Directory, the premium editions include more features designed for password resets, third-party integrations, identity protection, and more. See Azure Active Directory pricing for more information.

  • Nintex Automation Cloud uses the app Nintex Automation Cloud - Azure Active Directory Connector to create Azure Active Directory connections.

    • To ensure full functionality of your Azure Active Directory connection, ask your Azure Active Directory administrator to grant permission.

    For more information on admin consent for apps in Azure Active Directory, see the Register an app with the Azure Active Directory v1.0 endpoint Microsoft Azure article.

  • The account you use to create a connection for Azure Active Directory actions must have the following Azure Active Directory permissions:

    • Read all user's full profile

    • Read all user's basic profile

Create an Azure Active Directory data source

Use the Azure Active Directory data source to create a drop-down list of Azure Active Directory users in a form. Each data source is configured for a specific account. You can create as many data sources as you need. For more information on creating a data source and assigning permissions to it, see Data sources.

For example, to allow users to select a specific Azure Active Directory user in a form, add a drop-down list of users to the form using a Data lookup control A form control that allows users to select from a drop-down list of values that have been fetched from a third-party service.. The Data lookup control uses a Azure Active Directory - Query users data source to list the users in your organization's directory.

You can create a data source to:

  • Query users: List all the users listed in your organization's directory based on conditions you specify.

  • Get manager details: Lists all the details of the managers in your organization's directory. Note that this data source will not work using a Data lookup control; it will only work using an external data source.

  • Get members of an Azure Active Directory group: Lists all the members in a group that you specify in your organization's directory.

Important: 

The output of the Azure Active Directory - Query users action has been updated to include a collection variable named Users to store the properties of the users returned by the query. Existing Azure Active Directory data sources created before the output of the action was updated will work but you may see an error if you try to edit existing Azure Active Directory data sources. If you want to leverage the new functionality in your data source you must create a new data source. If you want to use a new Azure Active Directory data source or if you encounter an error when you edit an existing Azure Active Directory data source:

  1. Delete the existing Azure Active Directory data source.

  2. Create a new Azure Active Directory data source.

  3. If you have any Data lookup controls using the old Azure Active Directory data source, reconnect it to the new data source.

Azure Active Directory data source fields

To access the data source fields, in the Add data source section, select the Azure Active Directory Connector and the Operation.

The following operations are available for the Azure Active Directory connector:

  • Query users

  • Get manager details

  • Get members of an Azure Active Directory group

Operation

Field or selection

Description
Query users Connection

The available Azure Active Directory connections.
  Maximum number of users to return

The maximum number of user records to be retrieved from the directory.
  Conditions

Conditional statement(s) to use for the query.

Important: The Contains operator is not supported by the Azure Active Directory connector.

  • Add condition: Click to add a condition.
  • When: Fields available for the selected Azure Active Directory. Accepts a selection from the drop-down list.
  • Operator: Comparison between When and Value fields. Accepts a selection from the drop-down list. Selections in the drop-down list correspond to the data type of the entry for When.
  • Value: The expected value in the field specified for When.
  • Summary: Description of the condition.
  • Click Edit to edit a condition.
  • Click Delete to delete a condition.
  Columns

The list of columns to be made available in the Azure Active Directory data source. Leave this blank to retrieve all columns.

You must select the columns that you want to use for the Azure Active Directory data source. Only the selected columns are available for selection in any Data lookup control using this data source.

After you select the columns in the Data source, you cannot select any additional columns in the Data lookup configuration. If you don't select any columns when creating the data source you can configure the Columns in the Data lookup control.
Get manager details Connection

The available Azure Active Directory connections.
  Employee email address The email address or principal name of the manager (e.g., davidj@domain.com).
Get members of an Azure Active Directory group Connection

The available Azure Active Directory connections.
  Group name The Azure Active Directory group name.