Skip to main content
Use Microsoft Entra ID actions in workflows to create and manage users, list groups, manage group memberships, and automate access provisioning.
See Microsoft Entra ID setup guide to connect your organization

Actions

Creates a new user in Microsoft Entra ID with configurable profile fields. Automatically provisions corresponding Ravenna user records, making the newly created user immediately available for use in downstream workflow actions.Input fields:
  • Email - User email address (userPrincipalName)
  • First Name - User’s first name
  • Last Name - User’s last name
  • Password - Initial password (optional, auto-generated if not provided)
  • Display Name - Full display name (optional, defaults to first and last name)
  • Job Title - User’s job title (optional)
  • Department - Department name (optional)
  • Office Location - Office location (optional)
  • Mobile Phone - Mobile phone number (optional)
Output data:
  • User - The newly created Ravenna user for use in downstream actions
  • External User ID - Microsoft Entra user ID
  • Generated Password - Auto-generated password (only present if password was auto-generated)
Common use cases:
  • Automate new employee onboarding
  • Create user accounts from access requests
  • Provision users as part of bulk onboarding workflows
  • Create temporary accounts for contractors
Disables user accounts in Microsoft Entra ID to temporarily block access. Use this to suspend access during investigations, temporary leaves, or pending offboarding.Input fields:
  • Users - One or more Ravenna users to suspend (supports user groups)
Output data:
  • User - The suspended user ID
Common use cases:
  • Suspend access during security investigations
  • Handle temporary leaves of absence
  • Block access pending offboarding approval
  • Enforce policy violations
Re-enables previously suspended user accounts in Microsoft Entra ID to restore access. Use this to reinstate access after suspensions or temporary blocks.Input fields:
  • Users - One or more Ravenna users to restore (supports user groups)
Output data:
  • User - The restored user ID
Common use cases:
  • Restore access after investigations complete
  • Reinstate users returning from leave
  • Reactivate accounts after approval
  • Reverse temporary suspensions
Resets a user’s password in Microsoft Entra ID and generates a temporary password. The user will be required to change their password on next sign-in.
This action requires the Privileged Authentication Administrator role to be assigned to Ravenna. See setup guide for configuration steps.
Input fields:
  • User - The Ravenna user whose password should be reset
Output data:
  • User - The user ID
  • Password - The generated temporary password (can be used in notifications or downstream actions)
Common use cases:
  • Self-service password reset workflows
  • Helpdesk password reset requests
  • Automated credential rotation for service accounts
  • Emergency access recovery
Removes all registered MFA methods for a user in Microsoft Entra ID. The user will be required to re-register MFA on their next sign-in.
This action requires the Privileged Authentication Administrator role to be assigned to Ravenna. See setup guide for configuration steps.
Input fields:
  • User - The Ravenna user whose MFA should be reset
Output data:
  • User - The user ID
Common use cases:
  • User lost access to authenticator app
  • Phone number change requiring MFA re-enrollment
  • Security incident requiring credential reset
  • Device replacement workflows
Deletes a user from Microsoft Entra ID. Deleted users are moved to the “Deleted users” list and can be restored via the Entra admin console within 30 days, after which they are permanently removed.
This action requires the User Administrator or Privileged Authentication Administrator role to be assigned to Ravenna. See setup guide for configuration steps.
Input fields:
  • User - The Ravenna user to delete from Entra
Common use cases:
  • Complete offboarding for departing employees
  • Remove accounts after retention period expires
  • Clean up test or temporary user accounts
  • Comply with data deletion requests
Lists all groups from Microsoft Entra ID with their details. Returns both a simple array of group IDs for downstream actions and detailed group information for display.Output data:
  • Groups - Array of Microsoft Entra Group IDs for use in downstream workflow actions
Common use cases:
  • Iterate over all groups to perform bulk operations
  • Build dynamic group selection dropdowns
  • Audit existing group configurations
  • Generate group inventory reports
  • Pass group IDs to downstream workflow actions
Verifies that a group exists in Microsoft Entra ID. Use this to validate group references before performing operations or to check if groups created in other workflows are still present.Input fields:
  • Group - The Microsoft Entra group to verify
Output data:
  • Group - The verified group ID (null if not found)
  • Is Found? - Boolean indicating whether the group exists
Common use cases:
  • Validate group exists before adding members
  • Check if cleanup workflows removed expected groups
  • Verify group creation from previous workflow steps
  • Conditional workflow logic based on group existence
Creates a new security group in Microsoft Entra ID with optional owner and member assignment. Automatically provisions corresponding Ravenna group records, making the newly created group immediately available for use in downstream workflow actions.Input fields:
  • Name - Group display name
  • Description - Group description (optional)
  • Owner - User to assign as group owner (optional)
  • Members - Users to add as group members (optional, supports user groups)
  • Mail Nickname - Mail alias for the group (optional, defaults to slugified name)
Output data:
  • Group - The newly created group for use in downstream actions
Common use cases:
  • Create project teams during onboarding workflows
  • Provision temporary groups for contractors
  • Automate group creation from access requests
  • Build dynamic teams based on ticket attributes
Updates an existing group’s properties in Microsoft Entra ID. Use this to maintain group metadata, update descriptions, or rename groups based on organizational changes.Input fields:
  • Group - The Microsoft Entra group to update
  • Name - New group name (optional)
  • Description - New group description (optional)
Output data:
  • Group - The updated group ID
Common use cases:
  • Update group names during reorganizations
  • Maintain group descriptions with current team information
  • Standardize group naming conventions
  • Sync group metadata from other systems
Permanently removes a group from Microsoft Entra ID. Use this to clean up temporary groups, remove unused teams, or automate group lifecycle management during offboarding.Input fields:
  • Group - The Microsoft Entra group to delete
Common use cases:
  • Clean up temporary project groups
  • Remove groups for departing contractors
  • Automate group removal during offboarding
  • Purge unused or stale security groups
Adds one or more users to a Microsoft Entra group. Use this to grant team access, provision group-based permissions, or automate group membership during onboarding.Input fields:
  • Users - One or more Ravenna users to add (supports user groups)
  • Microsoft Entra Groups - One or more Entra groups to add users to
Output data:
  • Added User - User ID that was added to the groups
Common use cases:
  • Automate onboarding group assignments
  • Grant team access automatically
  • Provision group-based permissions
  • Add users to distribution lists
Removes one or more users from a Microsoft Entra group. Use this to revoke access, handle offboarding, or update group memberships based on role changes.Input fields:
  • Users - One or more Ravenna users to remove (supports user groups)
  • Microsoft Entra Groups - One or more Entra groups to remove users from
Output data:
  • Removed User - User ID that was removed from the groups
Common use cases:
  • Revoke access during offboarding
  • Update group memberships
  • Remove temporary access
  • Handle role changes