https://github.com/tools4everbv/helloid-task-sa-target-azureactivedirectory-accountgrantgroupmembership

Azure Active Directory - User account grant group membership
https://github.com/tools4everbv/helloid-task-sa-target-azureactivedirectory-accountgrantgroupmembership

azure-active-directory powershell product service-automation task

Last synced: about 2 months ago
JSON representation

Azure Active Directory - User account grant group membership

• Host: GitHub
• URL: https://github.com/tools4everbv/helloid-task-sa-target-azureactivedirectory-accountgrantgroupmembership
• Owner: Tools4everBV
• Created: 2023-03-10T12:21:23.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2023-10-06T08:55:35.000Z (about 1 year ago)
• Last Synced: 2023-10-06T09:42:57.184Z (about 1 year ago)
• Topics: azure-active-directory, powershell, product, service-automation, task
• Language: PowerShell
• Homepage:
• Size: 6.84 KB
• Stars: 0
• Watchers: 4
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        

# HelloID-Task-SA-Target-AzureActiveDirectory-AccountGrantGroupMembership

## Prerequisites

## Description

This code snippet executes the following tasks:

1. Define a hash table `$formObject`. The keys of the hash table represent the parameters needed for this action, while the values represent the values entered in the form.

> To view an example of the form output, please refer to the JSON code pasted below.

```json

{

    "UserIdentity": "[email protected]",

    "GroupsToAdd": [

        {

            "Name": "testgroup1",

            "Id" : "599bba95-e5ac-45f9-a3a0-e6e2674bb7df"

        },

        {

            "Name": "testgroup2",

            "Id" : "938a3e5d-2093-4ed9-b6b9-777c144ad08d"

        }

    ]

}

```

> :exclamation: It is important to note that the names of your form fields might differ. Ensure that the `$formObject` hashtable is appropriately adjusted to match your form fields.

> [See the Microsoft Docs page](https://learn.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0&tabs=http)

2. Receive a bearer token by making a POST request to: `https://login.microsoftonline.com/$AADTenantID/oauth2/token`, where `$AADTenantID` is the ID of your Azure Active Directory tenant.

3. Looks up the user in Azure by its UPN, by making a GET request to  `https://graph.microsoft.com/v1.0/users/$($formObject.userPrincipalName)`.  This is done to get the Objectid of the user in Azure.

4. For each group in the specified groups in  `GroupsToAdd` the user is added to the group. by making a POST request to  `https://graph.microsoft.com/v1.0/groups//members/$ref`