Entra ID integration for workflows

To integrate the Microsoft Graph API with the Nexthink platform, you need to establish two points of integration. One point of integration is required to bring UPN to the data model user table. Another integration point is required to handle the API credentials.

Entra ID integration

The workflow utilizes the Universal Principal Name (UPN) from Entra ID integration. This is necessary to populate the UPN into the Nexthink data model, where it is mapped to the user.ad.name field. For more information on setting up the Nexthink connector to Entra ID, refer to the Connector for Microsoft Azure Active Directory.

The result of this integration should be that the user UPN is populated in the Nexthink user table. This user UPN is then utilized in the workflow when making Graph API calls. The following screenshots provide an example of an Entra ID connector setup and demonstrate that, when correctly set up, the users table populates with user names.

Credentials setup example
Field mappings example
User names are populated in users table

Graph API connector integration

Configuring connector credentials is essential for enabling API calls. Refer to the detailed information on the Connector credentials documentation page. Each Service/API thinklet has a dropdown field for credentials that needs to be filled out. When the workflow is installed or copied from the Library, this field will be blank, as it is a local setup of each environment and is not included in the Library. It’s crucial to add API read/write permissions in the Entra ID application registration setup.

Example of credentials configurations
Thinklet with credentials field maintained

Application ID in Entra application is maintained as Client ID in credential setup.

Application ID in Entra application is maintained as Client ID in credential setup
Tenant ID is used as part of the Access token URL
Client secret needs to be copied from App registrations, Certificates & secrets

Last updated

Was this helpful?