Office365
Office365
Office365 plugin steps have been created to perform tasks on O365.
Compatibility:
- Office 365(Office 365 Business Premium License) and Microsoft Graph REST API v1.0
Prerequisites:
- Microsoft Account with the required O365 App Authentication and Permissions (Refer 31 Appendix 5: O365 Authentication & Permissions).
- Tenant ID, Client ID and Client Secret should be known for Authentication.
References:
- https://docs.microsoft.com/en-us/graph/api/resources/groups-overview?view=graph-rest-1.0
- https://docs.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0
Office 365: Add Member to Group
Compatibility:
- Office 365(Office 365 Business Premium License) and Microsoft Graph REST API v1.0
Prerequisites:
- Tenant ID, Client ID and Client Secret should be known.
- The Microsoft Account should have the required O365 App Authentication and Permissions (Refer 31 Appendix 5: O365 Authentication & Permissions).
Additionally, to Add Member to Group in Office365 following are the permissions needed.
Permission type | Permission (from least to most privileged) |
Delegated (work or school account) | GroupMember.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
Application | GroupMember.ReadWrite.All, Group.ReadWrite.All and Directory.ReadWrite.All |
References:
- https://docs.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0&tabs=http
- https://github.com/microsoftgraph/microsoft-graph-docs/issues/4771
- https://github.com/microsoftgraph/microsoft-graph-docs/issues/546
Limitation:
- Users can only be added to Office 365 Groups.
Description
Office 365: Add Member to Group plugin step adds an Office 365 user to a Group.
Configurations
No.
Field Name
Description
1
Step Name
Name of the step. This name has to be unique in a single workflow.
Connection:
2
Tenant ID
Tenant ID of Microsoft Account.
The data type is string. This field is mandatory.
3
Client ID
Client ID of the Application created in Microsoft Account.
The data type is string. This field is mandatory.
Client Secret:
4
Accept Value as variable/static
Leave checkbox unchecked to accept Client Secret value from a field in the previous steps of the stream using a drop down list.
Else enable checkbox for Client Secret field to appear as Text box.
5
Client Secret
Specify the Client Secret generated in Microsoft Account.
Client Secret is entered using a widget. The widget handles both Text (static value or environment variable) and Combo (drop down containing values from previous steps). If checkbox above is enabled Client Secret field appears as a Text box and accepts static or variable values. Else if checkbox above is disabled Client Secret field appears as a drop down to select fields from previous steps.
The data type is secure string. This field is mandatory.
6
Button: Test Connection
Test connection with Client ID and Client Secret provided.
Verifies whether the connection is established or not.
Note: For the purpose of verification fields coming from previous steps are not allowed since field values can only be accessed when workflow is in running state. Static values and environment variables are allowed.
Input Tab:
No.
Field Name
Description
Input Fields:
1
Group Email/ID
Specify The Email address or Group ID of the group to which member is to be added.
Note:
- After successful execution, the added member takes some time to get reflected on the instance.
- To add member to security group use Group ID as security group doesn’t have email address.
- We cannot add members to Mail-Enabled Security Group through the plugin step.
2
Button: Get
Click to display the list of all the available emails of the group.
3
User Email
Specify the email address of the user.
4
Button: Get
Click to display list of all the available emails of the user.
Note: Get button fetches only top 100 User Emails.
Office 365: Create Office 365 Group
Compatibility:
Prerequisites:
- Tenant ID, Client ID and Client Secret should be known.
- The Microsoft Account should have the required O365 App Authentication and Permissions (Refer 31 Appendix 5: O365 Authentication & Permissions).
Additionally, to Create Group in Office365 the following permissions are needed.
Permission type | Permission (from least to most privileged) |
Delegated (work or school account) | Group.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
Application | Group.Create, Group.ReadWrite.All, Directory.ReadWrite.All |
References:
Description
Office 365: Create Office 365 Group plugin step creates an Office 365 Group.
Configurations
No.
Field Name
Description
1
Step Name
Name of the step. This name has to be unique in a single workflow.
Connection:
2
Tenant ID
Tenant ID of Microsoft Account.
The data type is string. This field is mandatory.
3
Client ID
Client ID of the Application created in Microsoft Account.
The data type is string. This field is mandatory.
Client Secret:
4
Accept Value as variable/static
Leave checkbox unchecked to accept Client Secret value from a field in the previous steps of the stream using a drop down list.
Else enable checkbox for Client Secret field to appear as Text box.
5
Client Secret
Specify the Client Secret generated in Microsoft Account.
Client Secret is entered using a widget. The widget handles both Text (static value or environment variable) and Combo (drop down containing values from previous steps). If checkbox above is enabled Client Secret field appears as a Text box and accepts static or variable values. Else if checkbox above is disabled Client Secret field appears as a drop down to select fields from previous steps.
The data type is secure string. This field is mandatory.
6
Button: Test Connection
Test connection with Client ID and Client Secret provided.
Verifies whether the connection is established or not.
Note: For the purpose of verification fields coming from previous steps are not allowed since field values can only be accessed when workflow is in running state. Static values and environment variables are allowed.
Input Tab:
No.
Field Name
Description
1
Input Fields:
2
Group Name
Specify the name to display in the address book for the group.
5
Mail Nickname
Specify the mail alias for the group.
6
Group Description
Specify description of the Group.
7
Group Owner
Specify the group owner’s name.
8
Get
Click to display list of available Group Owners.
Output Tab:
No.
Field Name
Description
Output Fields:
1
Group Email
Output field to hold the email address of the group created.
After successful execution, the created group takes some time to get reflected on the instance.
Office 365: Create Security Group
Compatibility:
- Office 365(Office 365 Business Premium License) and Microsoft Graph REST API v1.0
Prerequisites:
- Tenant ID, Client ID and Client Secret should be known.
- The Microsoft Account should have the required O365 App Authentication and Permissions (Refer 31 Appendix 5: O365 Authentication & Permissions).
Additionally, for Office365Create Security Group step the following permissions are needed.
Permission type | Permission (from least to most privileged) |
Delegated (work or school account) | Group.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
Application | Group.Create, Group.ReadWrite.All, Directory.ReadWrite.All |
References:
- https://docs.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0&tabs=cs
- https://docs.microsoft.com/en-us/graph/api/resources/groups-overview?view=graph-rest-1.0#security-groups-and-mail-enabled-security-groups
Description
Office 365: Create Security Group plugin step creates a Security Group.
Configurations
No.
Field Name
Description
1
Step Name
Name of the step. This name has to be unique in a single workflow.
Connection:
2
Tenant ID
Tenant ID of Microsoft Account.
The data type is string. This field is mandatory.
3
Client ID
Client ID of the Application created in Microsoft Account.
The data type is string. This field is mandatory.
Client Secret:
4
Accept Value as variable/static
Leave checkbox unchecked to accept Client Secret value from a field in the previous steps of the stream using a drop down list.
Else enable checkbox for Client Secret field to appear as Text box.
5
Client Secret
Specify the Client Secret generated in Microsoft Account.
Client Secret is entered using a widget. The widget handles both Text (static value or environment variable) and Combo (drop down containing values from previous steps). If checkbox above is enabled Client Secret field appears as a Text box and accepts static or variable values. Else if checkbox above is disabled Client Secret field appears as a drop down to select fields from previous steps.
The data type is secure string. This field is mandatory.
6
Button: Test Connection
Test connection with Client ID and Client Secret provided.
Verifies whether the connection is established or not.
Note: For the purpose of verification fields coming from previous steps are not allowed since field values can only be accessed when workflow is in running state. Static values and environment variables are allowed.
Input Tab:
No.
Field Name
Description
Input Fields:
1
Group Name
Specify the name to display in the address book for the group.
The data type is String. This field is mandatory.
2
Mail Nickname
Specify the mail alias for the group.
The data type is String. This field is mandatory.
5
Group Description
Specify the description of the group.
The data type is String. This field is optional.
6
Group Owner
Specify the Group Owner’s name.
The data type is String. This field is optional.
Output Tab:
No.
Field Name
Description
Output Field:
1
Group ID
Specify an Output field to hold the ID of the Security Group created. The data type is String. This field is mandatory.
Note: After successful execution, it takes some time for the created group to get reflected on the instance.
Office 365: Remove Member from Group
Compatibility:
- Office 365(Office 365 Business Premium License) and Microsoft Graph REST API v1.0
Prerequisites:
- Tenant ID, Client ID and Client Secret should be known.
- The Microsoft Account should have the required O365 App Authentication and Permissions (Refer 31 Appendix 5: O365 Authentication & Permissions).
Additionally, Office365 Remove Member from Group Step needs the following permissions.
Permission type | Permission (from least to most privileged) |
Delegated (work or school account) | Member.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
Application | Member.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All |
References:
- https://docs.microsoft.com/en-us/graph/api/group-delete-members?view=graph-rest-1.0
- https://github.com/microsoftgraph/microsoft-graph-docs/issues/4771
- https://github.com/microsoftgraph/microsoft-graph-docs/issues/546
Description
Office 365: Remove Member from Group plugin step removes an Office 365 user from a Group
Configurations
No.
Field Name
Description
1
Step Name
Name of the step. This name has to be unique in a single workflow.
Connection:
2
Tenant ID
Tenant ID of Microsoft Account.
The data type is string. This field is mandatory.
3
Client ID
Client ID of the Application created in Microsoft Account.
The data type is string. This field is mandatory.
Client Secret:
4
Accept Value as variable/static
Leave checkbox unchecked to accept Client Secret value from a field in the previous steps of the stream using a drop down list.
Else enable checkbox for Client Secret field to appear as Text box.
5
Client Secret
Specify the Client Secret generated in Microsoft Account.
Client Secret is entered using a widget. The widget handles both Text (static value or environment variable) and Combo (drop down containing values from previous steps). If checkbox above is enabled Client Secret field appears as a Text box and accepts static or variable values. Else if checkbox above is disabled Client Secret field appears as a drop down to select fields from previous steps.
The data type is secure string. This field is mandatory.
6
Button: Test Connection
Test connection with Client ID and Client Secret provided.
Verifies whether the connection is established or not.
Note: For the purpose of verification fields coming from previous steps are not allowed since field values can only be accessed when workflow is in running state. Static values and environment variables are allowed.
Input Tab:
No.
Field Name
Description
Input Fields:
1
Group Email/ID
Specify the email address or Group ID of the group from which a user has to be removed.
2
Button: Get
Click this button to display a windows pop-up with list of all the available group’s emails.
3
User Email
Email address of the user.
4
Button: Get
Click this button to display a windows pop-up with list of all the available User’s Emails from the selected group.
Can only fetch the top 100 User Emails on Get button.
- After successful execution, the removed member takes some time to get reflected on the instance.
- To remove member to security group use Group ID as the security group doesn’t have an email address.
- We cannot remove members of Mail-Enabled Security Group through the plugin step.
Office 365: Reset Password
Compatibility:
Prerequisites:
- Tenant ID, Client ID and Client Secret should be known.
- The Microsoft Account should have the required O365 App Authentication and Permissions (Refer 31 Appendix 5: O365 Authentication & Permissions).
- To reset the password of user “Password Adminstrator” or “Helpdesk Administrator”permission from “Roles and administrators” should be given to the Application (O365 Azure AD). This permission may take some time to get reflected.
- Global administrator permission can reset the password for any user and all other administrators.
- Helpdesk administrators or Password administrators can reset passwords of other users who are non-administrators.
Additionally, Office365 Reset Password Step needs the following permissions.
Permission type | Permission (from least to most privileged) |
Delegated (work or school account) | User.ReadWrite, User.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
Delegated (personal Microsoft account) | User.ReadWrite |
Application | User.ReadWrite.All, Directory.ReadWrite.All |
References:
- https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles
- https://docs.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http
Office 365: Reset Password plugin step resets the password for a user in Office365.
Configurations
No.
Field Name
Description
1
Step Name
Name of the step. This name has to be unique in a single workflow.
Connection:
2
Tenant ID
Tenant ID of Microsoft Account.
The data type is string. This field is mandatory.
3
Client ID
Client ID of the Application created in Microsoft Account.
The data type is string. This field is mandatory.
Client Secret:
4
Accept Value as variable/static
Leave checkbox unchecked to accept Client Secret value from a field in the previous steps of the stream using a drop down list.
Else enable checkbox for Client Secret field to appear as Text box.
5
Client Secret
Specify the Client Secret generated in Microsoft Account.
Client Secret is entered using a widget. The widget handles both Text (static value or environment variable) and Combo (drop down containing values from previous steps). If checkbox above is enabled Client Secret field appears as a Text box and accepts static or variable values. Else if checkbox above is disabled Client Secret field appears as a drop down to select fields from previous steps.
The data type is secure string. This field is mandatory.
6
Button: Test Connection
Test connection with Client ID and Client Secret provided.
Verifies whether the connection is established or not.
Note: For the purpose of verification fields coming from previous steps are not allowed since field values can only be accessed when workflow is in running state. Static values and environment variables are allowed.
Input Tab:
No.
Field Name
Description
Input Fields:
1
User Email
Specify the email address of the user whose password is to be reset.
The data type of this field is string. This field is mandatory.
2
Button: Get
Click this button to display a windows pop-up with list of all the available user emails.
3
New Password
Specify the new password for the user. The password must satisfy minimum requirements as specified by the user’s
passwordPolicies property. By default, a strong password is required.
The data type of this field is string. This field is mandatory.
4
User Must Change Password At Next Logon
Allowed values are true or false. Provide true if the user must change the password on the next login; otherwise false.
- This may take some time to get reflected.
The data type of this field is string. This field is mandatory.