JDBC - Azure AD group

Manju22 · March 11, 2024, 10:39am

Hi ,

I need some suggestions on below.

IDN will need to do a SQL INSERT into the database when a user is added to the Azure AD group.

How this can be achieved using workflow or any methods? Please advice.

Thank you!

uday_kilambiCTS · March 11, 2024, 12:11pm

May be you can add more details about what you want to achieve through Insert statement. When you mention SQL Insert, I am assuming that it needs a group/entitlement to be added in a particular database that is onboarded already in your IDN.

You can achieve it via Roles and Workflows both.

Via Role
Define the role criteria to match the Azure AD group on a user. Define an access profile for the Database group you need to insert and add it to the role. This ensures the DB group is granted automatically through the role.
Via workflow
Define an Access Request Decision based trigger to detect an the respective Azure AD group request and invoke Manage access action to request needed database group.

Regards,
Uday

Manju22 · March 11, 2024, 2:08pm

Thanks Uday.

We need to create record into the database if any new user added into the Azure AD group. Can you please advise.

uday_kilambiCTS · March 11, 2024, 3:45pm

Is this database integrated as a source in IdentityNow? And this record that is planned to insert, does it add a group to the user? or create a user record in database?

Manju22 · March 11, 2024, 4:14pm

Yes, its a JDBC connector source in IDN.We need to create a user record in database if user added to Azure AD group

uday_kilambiCTS · March 11, 2024, 4:22pm

If your JDBC source is already developed and configured for the user account creation using JDBC Provisioning rule, then you can simply have a role defined with assignment criteria as Azure AD group entitlement and the respective JDBC group as the access profile.

Whenever user is added with Azure AD group or for all the existing users who has the Azure AD group, the IdentityNow role is assigned which in turn adds the database group to the user. This invokes the JDBC connector to create an account(if not already present) and add the group using your JDBC provisoning rule.

If you do not intend to assign the database group for existing users, you can choose the Workflow route as I mentioned in the earlier comment.

system · May 10, 2024, 4:22pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Adding the user to Azure group after account creation using webservices ISC Discussion and Questions webservice-connector , rules , identity-security-cloud , provisioning , identities , entitlements	3	56	October 4, 2024
JDBC App with connection to Azure SQL IdentityIQ (IIQ)	1	1959	January 18, 2022
Azure SQL jdbc connection String ISC Discussion and Questions identity-security-cloud , jdbc-connector	6	538	November 22, 2023
Workflow - Add User to Required Azure AD Group ISC Discussion and Questions workflows	9	290	May 10, 2024
Workflow to push identitynow value to Azure AD ISC Discussion and Questions workflows , identity-security-cloud	3	212	March 28, 2024

JDBC - Azure AD group

Related topics