{ "name": "TAP + PWPush", "description": "TAP + PWPush", "modified": "2023-02-28T01:19:21.481708026Z", "modifiedBy": { "type": "IDENTITY", "id": "", "name": "Brendan Murphy" }, "definition": { "start": "Get Identity", "steps": { "Boolean": { "choiceList": [ { "comparator": "BooleanEquals", "nextStep": "HTTP Request", "variableA.$": "$.getAccounts.accounts[?(@.sourceName == \"Azure AD - Members\")].hasEntitlements", "variableB": true } ], "defaultStep": "failure 1", "type": "choice" }, "Compare Strings": { "choiceList": [ { "comparator": "StringEquals", "nextStep": "Get Accounts", "variableA.$": "$.getIdentity.attributes.cloudAuthoritativeSource", "variableB": "7be0c633af8d4127b5b5ca1e1cc7ed76" } ], "defaultStep": "failure", "type": "choice" }, "Get Accounts": { "actionId": "sp:get-accounts", "attributes": { "getAccountsBy": "specificIdentity", "identity.$": "$.trigger.identity.id" }, "nextStep": "Boolean", "type": "action", "versionNumber": 1 }, "Get Identity": { "actionId": "sp:get-identity", "attributes": { "id.$": "$.trigger.identity.id" }, "nextStep": "Compare Strings", "type": "action", "versionNumber": 2 }, "HTTP Request": { "actionId": "sp:http", "attributes": { "authenticationType": "OAuth", "jsonRequestBody": { "lifetimeInMinutes": "480" }, "method": "post", "oAuthClientId": "", "oAuthClientSecret": "", "oAuthCredentialLocation": "oAuthInBody", "oAuthScope": "https://graph.microsoft.com/.default", "oAuthTokenUrl": "https://login.microsoftonline.com/b6d20314-e399-4fde-8ab1-a9da4f204984/oauth2/v2.0/token", "requestContentType": "json", "requestHeaders": null, "url": "https://graph.microsoft.com/beta/users/{{$.getAccounts.accounts[?(@.sourceName == \"Azure AD - Members\")].attributes.userPrincipalName}}/authentication/temporaryAccessPassMethods" }, "description": "This HTTP request calls the Microsoft Graph API to create a Temporary Access Pass (TAP) for the user's Azure AD account", "nextStep": "HTTP Request 1", "type": "action", "versionNumber": 2 }, "HTTP Request 1": { "actionId": 
"sp:http", "attributes": { "method": "post", "url": "https://pwpush.com/p.json", "urlParams": { "password[payload]": "{{$.hTTPRequest.body.temporaryAccessPass}}" } }, "nextStep": "Send Email", "type": "action", "versionNumber": 2 }, "Send Email": { "actionId": "sp:send-email", "attributes": { "body": "Hello User,\n\nYour account has been created. Please use the following link to access it: https://pwpush.com/p/{{$.hTTPRequest1.body.url_token}}\n\nRegards\nAdmin Team", "context": {}, "from": null, "recipientEmailList.$": "$.getAccounts.accounts[?(@.sourceName == \"Workday Dev Delimited source\")].attributes.EMAIL_ADDRESS_HOME", "replyTo": "francis.balgobin@example.com", "subject": "*TEST* This is your Password for your new account" }, "description": null, "nextStep": "success", "type": "action", "versionNumber": 2 }, "failure": { "failureName": "Identity authoritative source is NOT Workday", "type": "failure" }, "failure 1": { "failureName": "Identity has no Azure AD - Members account with entitlements", "type": "failure" }, "success": { "type": "success" } } }, "creator": { "type": "IDENTITY", "id": "", "name": "Francis Balgobin" }, "trigger": { "type": "EVENT", "attributes": { "filter.$": "$.changes[?(@.attribute == \"cloudLifecycleState\" && @.newValue == \"active\" && @.oldValue == \"hired\")]", "id": "idn:identity-attributes-changed" } } }