As of this moment, there is no integration functionality available within Dynamics 365 HR for Azure Active Directory. The good news however, is that an integration is possible. With an integration between the two, partners and customers can benefit from developing options using Power Automate and an Azure AD connector. In this article, our Technical Solution Architect Parag Chapre will explain how to integrate the following:
- Create a user in Azure AD when a new worker is hired
- Update a user in Azure AD when worker information changes
- How to disable the user in an Azure AD group
What is Azure Active Directory?
First, let’s get into the basics. Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service, which helps your employees sign in and access resources in:
- External resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications.
- Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organization. For more information about creating a tenant for your organization.
On the other hand, you have Microsoft Dynamics 365 Human Resources. D365HR is a true software as a service (SaaS) that provides continuous, touchless service updates. These updates contain both application and platform changes that often provide critical improvements to the service, including regulatory updates.
- Administrator access to use Azure AD connector
- Access to Power Automate
- Create/Hire an employee with a unique primary email address
- Primary mobile phone
- Worker Number should be available in Job Positions entity to fetch (Department, Job Title)
How to create a user in Azure AD
Here, we need to create a Power automate with Azure AD connector. Make sure you should have an administrator access to use Azure AD connector. Below is the definition of Power Automate:
- Login to Dynamics 365 HR
- Hire a new worker with unique primary email address and must have a valid position
Add primary address
Let’s give it a test and see how it goes. It should look like this:
Check for the ‘Your flow ran successfully’ notification at the top. The user should receive an email right now.
Validate the data in Azure AD
The user is created in Azure Active Directory as you can see on the image below.
How to update a user in Azure AD when worker information has changed
Now that we created a user in Azure Active Directory, let’s get into detail in how we can update this user. In the image below, you can see how Power Automate works.
Imagine we want to change a first name. How about an update from Flora to Mrs. Flora. You can change it in the Azure Active Directory.
It should look like this:
Run another test flow to check if everything went well. Check again for the green notification at the top of the window.
Validate the data in Azure AD
Validate to see if your change works. Go to Azure Active Directory and search for the person.
Integrate Dynamics 365 HR with Azure Active Directory: How to disable a user in Azure AD
Now that we showed you how to create and edit a user in Azure Active Directory, let’s see how we disable a user.
This is standard template available in Power automate to disable a user from all azure AD groups:
- Run the flow
- Prerequisite’s to disable the user in Azure AD.
Primary Email Address
- Based on the email address the worker details will be retrieved from worker entity in CDS:After you have done this, click on OK to run.
- Based on the email address, the user details and user groups will be retrieved from Azure AD.
- User will be disabled in Azure AD
- User will be removed from all the associated groups in Azure AD
- Trigger an email to Admin as User has been removed from all the azure groups.
This is how you integrate Dynamics 365 HR with Azure AD. If you like this article, feel free to share it work others who might find it helpful. If you have any questions, feel free to get in contact. You can do so by starting a chat at the bottom right of your screen.
These articles may also interest you: