# Configuration guide: License reclamation

{% hint style="info" %}
The configuration options on this page are only accessible to [administrators](/platform/user-guide/administration/account-management/roles.md#roles-administration).

Refer to the [Usage guide: License reclamation](/platform/library-packs/software-asset-management/workflow_-license-reclamation/usage-guide-license-reclamation.md) to use library content as a standard user.
{% endhint %}

## Pre-requisites <a href="#pre-requisites" id="pre-requisites"></a>

This library pack contains content from the following [expansion products](https://docs.nexthink.com/platform/overview/products)

* [Application Experience - Applications](https://docs.nexthink.com/platform/user-guide/applications)
* [Flow - Workflows](https://docs.nexthink.com/platform/user-guide/workflows)
* [Employee Engagement - Campaigns](https://docs.nexthink.com/platform/user-guide/campaigns)

{% hint style="info" %}
Some of these products offer default access to their respective content, and can still be used without the [expansion products](https://docs.nexthink.com/platform/overview/products).

Refer to the [Nexthink Infinity thresholds and limits overview](https://edocs.nexthink.com/nexthink-infinity/infinity-specifications/nexthink-infinity-default-thresholds-overview) documentation for more information about default thresholds for expansion products.
{% endhint %}

## Included content and dependencies <a href="#content-list-and-dependency" id="content-list-and-dependency"></a>

This library pack contains the following content and dependencies:

| Content type                                                                   | Name                                               | Description                                                                                                                                                          | Dependencies |
| ------------------------------------------------------------------------------ | -------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ |
| [Workflows](https://docs.nexthink.com/platform/user-guide/workflows)           | License reclamation                                | An API call to Entra ID removes a user (based on their user ID) from an application group, which automatically reclaims the license.                                 |              |
| [Workflows](https://docs.nexthink.com/platform/user-guide/workflows)           | License reclamation (on-premises Active Directory) | Triggers a remote action to Active Directory to remove a user (based on their SAM account name) from an application group, which automatically reclaims the license. |              |
| [Campaigns](https://docs.nexthink.com/platform/user-guide/campaigns)           | License reclamation request - Workflow invoke      | Asks users if they are still using an application.                                                                                                                   |              |
| [Remote actions](https://docs.nexthink.com/platform/user-guide/remote-actions) | Invoke remove user from AD group                   | The purpose of the Remote Action is to remove a specified user from an on-premises Active Directory group.                                                           |              |

## Configuring License reclamation <a href="#configuration-guide" id="configuration-guide"></a>

{% hint style="info" %}
Adapt these suggested configuration steps to edit and customize content according to your organizational needs.
{% endhint %}

Follow these steps to install and configure content:

* Before configuration - [Install library pack content from Nexthink Library](/platform/user-guide/nexthink-library.md)
* [Step 1 - Configure remote actions](#step-1-configure-remote-action-s)
* [Step 2 - Edit campaigns](#step-2-edit-campaigns)
* [Step 3 - Configure Entra ID integration](#step-3-configure-entra-id-integration)
* [Step 4 - Configure workflow parameters](#step-4-configure-workflow-parameters)
* [Step 5 - Maintain API thinklet credentials](#step-5-maintain-api-thinklet-credentials)
* [Step 6 - Maintain workflow trigger](#step-6-maintain-workflow-trigger)

### Step 1 – Configure remote actions

From the main menu, go to **Remote actions > Manage remote actions**.

1. Locate **Invoke remove user from AD group**.
2. Review and edit its **input parameters** as needed for your AD environment.
3. Set up a **manual or scheduled trigger** depending on the license cleanup frequency.

### Step 2 – Edit campaigns

From the main menu, navigate to **Campaigns > Manage campaigns**.

For each installed campaign:

1. Customize the **sender name** and **image**.
2. Review and adjust campaign **questions**.
3. **Publish** the campaign when ready.

Nexthink recommends these settings for the license campaign:

| Name                        | Trigger | Priority   |
| --------------------------- | ------- | ---------- |
| License Reclamation Request | Manual  | Not urgent |

### Step 3 – Configure Entra ID integration

If Entra ID is not yet configured, ask your Azure administrator for assistance.

Two integration points are required:

1. Import the **UPN** into the user table.
2. Store **API credentials** in the Entra ID connector.

Refer to [Entra ID integration for workflows](/platform/library-packs/faq/entra-id-integration-for-workflows.md) for full setup instructions.

Check the permissions listed in the [Entra ID connector thinklet](/platform/user-guide/workflows/creating-workflows/configuring-connector-thinklet/microsoft-entra-id-connector-thinklet.md) documentation.

### Step 4 – Configure workflow parameters

In the **workflow editor**, verify these parameters:

* **Ask for permission?** – Choose whether to require user consent before revoking access.
* **Authorization group** – Name of the AD group tied to license provisioning.
* **Application name** – Name of the app being managed.

Example use case:

Use the parameters to target users of "Salesforce Lightning" who:

* Used the app for **< 5 minutes** in the past 90 days.
* Did **not** confirm they still need access in the campaign.

Example **NQL** (requires Application Experience + Software Metering):

```
users during past 30d 
| where ad.email_address != null 
| include software_metering.events during past 90d 
| where application.name == "Salesforce Lightning" 
| compute focus_time = web_focus_time.sum() 
| include campaign.license_reclamation_request.responses during past 90d 
| where parameters.application_name == "Salesforce Lightning" 
| where state == answered 
| where answers.question1.label == "yes" 
| compute user_needs_application = user.count() 
| where focus_time < 5min 
| where user_needs_application == 0
```

### Step 5 – Maintain API thinklet credentials

Each **Service/API thinklet** needs a credential configuration.

1. Go to **Administration > Connector credentials**.
2. Add the required credentials for:
   * Microsoft Graph API
   * Active Directory integration
3. In the workflow, fill in the **Credentials** field of each relevant **API thinklet**.

{% hint style="info" %}
When a workflow is imported from the Library, credential fields will be blank and must be set locally.
{% endhint %}

<figure><img src="/files/CfTjYf22SRA40fbBGS6K" alt=""><figcaption></figcaption></figure>

### Step 6 – Maintain workflow trigger

This workflow is designed to run on a **scheduled** basis.

1. Open the workflow from **Workflows > Manage workflows**.
2. Go to the **General** tab.
3. Enable the **Schedule** checkbox.
4. Define separate schedules per application or group if needed.

{% hint style="info" %}
For license efficiency, use a tailored NQL query to exclude users who requested to keep their license.
{% endhint %}

<figure><img src="/files/R4zX4b6FPsn7CZxV0Z9v" alt=""><figcaption></figcaption></figure>

***

RELATED TOPICS

* [Manage Applications](https://docs.nexthink.com/platform/user-guide/applications/getting-started-with-applications)
* [Manage Workflows](https://docs.nexthink.com/platform/user-guide/workflows/managing-workflows)
* [Manage Remote Actions](https://docs.nexthink.com/platform/user-guide/remote-actions/getting-started-with-remote-actions)
* [Manage Campaigns](https://docs.nexthink.com/platform/user-guide/campaigns/managing-campaigns)
* [Workflow: License reclamation](/platform/library-packs/software-asset-management/workflow_-license-reclamation.md)
* [Usage guide: License reclamation](/platform/library-packs/software-asset-management/workflow_-license-reclamation/usage-guide-license-reclamation.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nexthink.com/platform/library-packs/software-asset-management/workflow_-license-reclamation/configuration-guide-license-reclamation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.