Entra ID integration for workflows

To integrate Graph API of Microsoft with Nexthink platform, you need to integrate two points of integration. One point of integration is required to bring UPN to data model user table. Another integration point is required to handle the API credentials.

Entra ID integration

The workflow utilizes the Universal Principal Name (UPN) from Entra ID integration. This is necessary to populate the UPN into the Nexthink data model, where it is mapped to the user.ad.name field. For more information on setting up the Nexthink connector to Entra ID, refer to the Connector for Microsoft Azure Active Directory on https://docs.nexthink.com/platform/latest/connector-for-azure-active-directory . The result of this integration should be that the user UPN is populated in the Nexthink user table. This user UPN is then utilized in the workflow when making graph API calls. The following screenshots provide an example of an Entra ID connector setup and demonstrate that, when correctly set up, the users table populates with user names.

Graph API connector integration

The configuration of connector credentials is essential for enabling API calls. See detailed information at https://docs.nexthink.com/platform/latest/webhooks-manage-credentials . Each Service/API thinklet has a dropdown field for credentials that needs to be filled out. When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library. It’s crucial to add API read/write permissions in the Entra ID application registration setup.

Application ID in Entra application is maintained as Client ID in credential setup.

Tenant ID is used as part of the Access token URL.

Client ID and Client secret needs to be copied from App registrations, Certificates & secrets.