Download presentation
Presentation is loading. Please wait.
1
12/29/2018 8:46 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
2
12/29/2018 8:46 AM Microsoft Graph- Workflows to Automate Azure AD User and Group Management Jeff Sakowicz © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
3
Agenda Microsoft Graph – Overview Azure AD in Microsoft Graph
Building custom workflows © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
4
Microsoft Graph a unified REST API
Microsoft Build 2017 12/29/2018 8:46 AM Microsoft Graph a unified REST API and comprehensive developer experience for integrating the data and intelligence exposed by Microsoft services. Most of you came to this conference because you have real customers that have data in Microsoft Services. Microsoft Graph is the way to access that data. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
5
Microsoft Graph Unified REST API for Microsoft 365:
12/29/2018 8:46 AM Microsoft Graph Unified REST API for Microsoft 365: Azure Active Directory Office 365 services: SharePoint, OneDrive, Outlook/Exchange, Microsoft Teams, OneNote, Planner, and Excel Enterprise Security and Mobility services: Identity Manager, Intune, Advanced Threat Analytics and Advanced Threat Protection. Windows 10 services: Activities and Devices Education © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
6
Azure Active Directory in the Marketplace Every Office 365 and Microsoft Azure customer uses Azure Active Directory organizations 15.4M users 1B 3rd party apps in Azure AD 464K paid Azure AD / EMS customers 65K of Fortune 500 companies use Azure AD 90% Governance Access Reviews MDM-auto enrollment / Enterprise State Roaming HR App Integration Microsoft Authenticator - Password-less Access Self-Service capabilities SSO to SaaS Azure AD B2C B2B collaboration Security Reporting Azure AD Join Dynamic Groups Remote Access to on-premises apps Addition of custom cloud apps Conditional Access Multi-Factor Authentication Identity Protection Privileged Identity Management Connect Health Azure AD DS Azure AD Connect Provisioning-Deprovisioning Office 365 App Launcher Group-Based Licensing Access Panel/MyApps +30% YoY +45% YoY +200% YoY +74% YoY March 2018 Data © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
7
Azure AD in Microsoft Graph
12/29/2018 8:46 AM Azure AD in Microsoft Graph Programmatic Access To: Users Groups Organization Roles- including PIM B2B Invitation Manager Applications Domains Administrative Units Devices Synchronization More… © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
8
Imagine what you can build
12/29/2018 Imagine what you can build User onboarding & provisioning Group management & compliance Custom business workflows Automated security runbooks Secure transactions using conditional access … and MORE © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9
Workflow Automation – New Hire Provisioning
New hire created Set profile Assign licenses Set manager Assign devices Provision mobile device Register owner Authorize access Assign to groups Assign to roles POST /users POST /devices POST /groups/{id}/members/$ref POST /users/{id}/assignLicense POST /devices/{id}/registeredOwners POST /groups/{id}/directoryRoles/$ref POST /users/{id}/manager/$ref
10
Workflow Automation – Department Change
Department update Change dept. Get current manager Set new manager Re-authorize Remove from groups Add to groups/roles Work in progress? Working on? Tasks Notify manager /users/delta?$select=department Track department changes PATCH /users/{id} /users/{id}/insights/trending DELETE /groups/{id}/members/$ref /users/{id}/tasks /users/{id}/manager POST /groups/{id}/members/$ref POST /users/{id}/sendMail POST /users/{id}/manager/$ref POST /directoryRoles/{id}/members/$ref
11
Department Change Workflow – Enhancement
12/29/2018 8:46 AM Department Change Workflow – Enhancement POST /directoryRoles/{id}/members/$ref Privileged Identity Management can help POST /privilegedRoleAssignment © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
12
Group Naming – Compliance Automation
Perform initial sync Read all Groups and Get Delta token Create webhook subscription Check for Updates Wait for webhook “poke” Check for new and updated Groups Rename non-compliant Groups Update Group Name PATCH /groups/{id} GET /groups/delta GET /groups/delta?$deltaToken=<value> POST /subscriptions
13
Key Takeaways Automate complex business processes
12/29/2018 8:46 AM Key Takeaways Automate complex business processes Build custom workflows for User and Group Management Azure AD + Microsoft Graph = better together What about data for Windows and EMS? © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
14
Get started today #MicrosoftGraph /MicrosoftGraph [MicrosoftGraph]
12/29/2018 8:46 AM Get started today Twitter #MicrosoftGraph GitHub /MicrosoftGraph StackOverflow [MicrosoftGraph] © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
![Get started today #MicrosoftGraph /MicrosoftGraph [MicrosoftGraph]](http://slideplayer.com./slide/15212601/92/images/14/Get+started+today+%23MicrosoftGraph+%2FMicrosoftGraph+%5BMicrosoftGraph%5D.jpg "12/29/2018 8:46 AM. Get started today. Twitter. #MicrosoftGraph. GitHub. /MicrosoftGraph. StackOverflow. [MicrosoftGraph] © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.")
15
12/29/2018 8:46 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Similar presentations
