Lister les workflowTemplates
Espace de noms : microsoft.graph.identityGovernance
Importante
Les API sous la version /beta
dans Microsoft Graph sont susceptibles d’être modifiées. L’utilisation de ces API dans des applications de production n’est pas prise en charge. Pour déterminer si une API est disponible dans v1.0, utilisez le sélecteur Version .
Obtenez la liste des objets workflowTemplate et de leurs propriétés.
Cette API est disponible dans les déploiements de cloud national suivants.
Service global | Gouvernement des États-Unis L4 | Us Government L5 (DOD) | Chine gérée par 21Vianet |
---|---|---|---|
✅ | ✅ | ✅ | ❌ |
Autorisations
Choisissez l’autorisation ou les autorisations marquées comme moins privilégiées pour cette API. Utilisez une autorisation ou des autorisations privilégiées plus élevées uniquement si votre application en a besoin. Pour plus d’informations sur les autorisations déléguées et d’application, consultez Types d’autorisations. Pour en savoir plus sur ces autorisations, consultez les informations de référence sur les autorisations.
Type d’autorisation | Autorisations avec privilèges minimum | Autorisations privilégiées plus élevées |
---|---|---|
Déléguée (compte professionnel ou scolaire) | LifecycleWorkflows.CreateWorkflows | LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All |
Déléguée (compte Microsoft personnel) | Non prise en charge. | Non prise en charge. |
Application | LifecycleWorkflows.CreateWorkflows | LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All |
Importante
Dans les scénarios délégués avec des comptes professionnels ou scolaires, l’utilisateur connecté doit se voir attribuer un rôle Microsoft Entra pris en charge ou un rôle personnalisé avec une autorisation de rôle prise en charge. Lecteur général et Administrateur de flux de travail de cycle de vie sont les rôles les moins privilégiés pris en charge pour cette opération.
Requête HTTP
GET /identityGovernance/lifecycleWorkflows/workflowTemplates
Paramètres facultatifs de la requête
Cette méthode prend en charge les $select
paramètres de requête OData , $orderby
et $filter
pour vous aider à personnaliser la réponse. Pour des informations générales, consultez paramètres de la requête OData.
En-têtes de demande
Nom | Description |
---|---|
Autorisation | Porteur {token}. Obligatoire. En savoir plus sur l’authentification et l’autorisation. |
Corps de la demande
N’indiquez pas le corps de la demande pour cette méthode.
Réponse
Si elle réussit, cette méthode renvoie un 200 OK
code de réponse et une collection d’objets microsoft.graph.identityGovernance.workflowTemplate dans le corps de la réponse.
Exemples
Exemple 1 : Récupérer tous les modèles de flux de travail de cycle de vie
Demande
L’exemple suivant illustre une demande.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflowTemplates
Réponse
L’exemple suivant illustre la réponse.
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates",
"@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET identityGovernance/lifecycleWorkflows/workflowTemplates?$select=category,description",
"value": [
{
"category": "joiner",
"description": "Configure pre-hire tasks for onboarding employees before their first day",
"displayName": "Onboard pre-hire employee",
"id": "77179007-8114-41b5-922e-2e22109df41f",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeHireDate",
"offsetInDays": -7
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('77179007-8114-41b5-922e-2e22109df41f')/tasks",
"tasks": [
{
"category": "joiner",
"continueOnError": false,
"description": "Generate Temporary Access Pass and send via email to user's manager",
"displayName": "Generate TAP And send email",
"executionSequence": 1,
"id": "3e062c24-d219-483d-9258-288f2a039b94",
"isEnabled": true,
"taskDefinitionId": "1b555e50-7f65-41d5-b514-5894a026d10d",
"arguments": [
{
"name": "tapLifetimeMinutes",
"value": "480"
},
{
"name": "tapIsUsableOnce",
"value": "true"
}
]
}
]
},
{
"category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day",
"displayName": "Onboard new hire employee",
"id": "4e06785d-7c1d-4b24-b9e1-bba2b890c58b",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeHireDate",
"offsetInDays": 0
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('4e06785d-7c1d-4b24-b9e1-bba2b890c58b')/tasks",
"tasks": [
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Enable user account in the directory",
"displayName": "Enable user account",
"executionSequence": 1,
"id": "e18f3208-311c-46a3-a27b-d9c15cd595bc",
"isEnabled": true,
"taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
"arguments": []
},
{
"category": "joiner",
"continueOnError": false,
"description": "Send welcome email to new hire",
"displayName": "Send welcome email",
"executionSequence": 2,
"id": "e9551045-4302-499f-9108-60b9e23c067a",
"isEnabled": true,
"taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
"arguments": []
},
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Add user to selected groups",
"displayName": "Add user to groups",
"executionSequence": 3,
"id": "560acd0c-321e-4e7e-9f31-ff8899c55878",
"isEnabled": true,
"taskDefinitionId": "22085229-5809-45e8-97fd-270d28d66910",
"arguments": [
{
"name": "groupID",
"value": ""
}
]
}
]
},
{
"category": "joiner",
"description": "Configure onboarding tasks for an employee after their first day of work.",
"displayName": "Post-Onboarding of an employee",
"id": "dce038a6-482a-46a2-9ee0-675c5e8477b9",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeHireDate",
"offsetInDays": 7
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('dce038a6-482a-46a2-9ee0-675c5e8477b9')/tasks",
"tasks": [
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Add user to selected groups",
"displayName": "Add user to groups",
"executionSequence": 1,
"id": "33350498-4404-487f-94ae-db312e436eda",
"isEnabled": true,
"taskDefinitionId": "22085229-5809-45e8-97fd-270d28d66910",
"arguments": [
{
"name": "groupID",
"value": ""
}
]
},
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Add user to selected Teams",
"displayName": "Add user To Teams",
"executionSequence": 2,
"id": "6f7925a5-633d-4cd9-9c4b-8f4b2f040e2b",
"isEnabled": true,
"taskDefinitionId": "e440ed8d-25a1-4618-84ce-091ed5be5594",
"arguments": [
{
"name": "teamID",
"value": ""
}
]
}
]
},
{
"category": "mover",
"description": "Execute real-time tasks for employee job changes",
"displayName": "Real-time employee job change",
"id": "77a82a99-9dfb-471d-a396-107954328b7f",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.onDemandExecutionOnly"
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('77a82a99-9dfb-471d-a396-107954328b7f')/tasks",
"tasks": [
{
"category": "joiner,leaver,mover",
"continueOnError": false,
"description": "Run a Custom Task Extension to callout to an external system.",
"displayName": "Run a Custom Task Extension",
"executionSequence": 1,
"id": "f187bcde-830a-4f4b-bed0-e2347b418c01",
"isEnabled": true,
"taskDefinitionId": "4262b724-8dba-4fad-afc3-43fcbb497a0e",
"arguments": [
{
"name": "customTaskExtensionID",
"value": ""
}
]
}
]
},
{
"category": "mover",
"description": "Configure mover tasks for employees once their group membership changes",
"displayName": "Employee group membership changes",
"id": "56da3093-d105-40d4-9886-fccd074f2f2a",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.groupBasedSubjectSet",
"groups": [
{
"id": "groupID"
}
]
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.membershipChangeTrigger",
"changeType": "add"
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('56da3093-d105-40d4-9886-fccd074f2f2a')/tasks",
"tasks": [
{
"category": "leaver,mover",
"continueOnError": false,
"description": "Remove user assignment of selected access package",
"displayName": "Remove access package assignment for user",
"executionSequence": 1,
"id": "db0500d1-c988-4114-a005-f227649aedfd",
"isEnabled": true,
"taskDefinitionId": "4a0b64f2-c7ec-46ba-b117-18f262946c50",
"arguments": [
{
"name": "accessPackageId",
"value": ""
}
]
},
{
"category": "joiner,leaver,mover",
"continueOnError": false,
"description": "Remove user from membership of selected Teams",
"displayName": "Remove user from selected Teams",
"executionSequence": 2,
"id": "b1049615-0be5-43dc-a919-1f5bf6db967b",
"isEnabled": true,
"taskDefinitionId": "06aa7acb-01af-4824-8899-b14e5ed788d6",
"arguments": [
{
"name": "teamID",
"value": ""
}
]
},
{
"category": "mover",
"continueOnError": false,
"description": "Send email to notify user’s manager of user move",
"displayName": "Send email to notify manager of user move",
"executionSequence": 3,
"id": "96c00437-3a06-4710-bd0b-ab57773a9189",
"isEnabled": true,
"taskDefinitionId": "aab41899-9972-422a-9d97-f626014578b7",
"arguments": []
}
]
},
{
"category": "mover",
"description": "Configure mover tasks for employees once their job profile changes",
"displayName": "Employee job profile change",
"id": "16819b2d-74e9-4fb9-9ba7-48b8a26ab11d",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.attributeChangeTrigger",
"triggerAttributes": [
{
"name": "department"
}
]
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('16819b2d-74e9-4fb9-9ba7-48b8a26ab11d')/tasks",
"tasks": [
{
"category": "mover",
"continueOnError": false,
"description": "Send email to notify user’s manager of user move",
"displayName": "Send email to notify manager of user move",
"executionSequence": 1,
"id": "96c00437-3a06-4710-bd0b-ab57773a9189",
"isEnabled": true,
"taskDefinitionId": "aab41899-9972-422a-9d97-f626014578b7",
"arguments": []
},
{
"category": "joiner,leaver,mover",
"continueOnError": false,
"description": "Remove user from membership of selected Azure AD groups",
"displayName": "Remove user from selected groups",
"executionSequence": 2,
"id": "e9e641d3-e457-433c-9d6c-78a4f2505aef",
"isEnabled": true,
"taskDefinitionId": "1953a66c-751c-45e5-8bfe-01462c70da3c",
"arguments": [
{
"name": "groupID",
"value": ""
}
]
},
{
"category": "joiner,leaver,mover",
"continueOnError": false,
"description": "Remove user from membership of selected Teams",
"displayName": "Remove user from selected Teams",
"executionSequence": 3,
"id": "b1049615-0be5-43dc-a919-1f5bf6db967b",
"isEnabled": true,
"taskDefinitionId": "06aa7acb-01af-4824-8899-b14e5ed788d6",
"arguments": [
{
"name": "teamID",
"value": ""
}
]
},
{
"category": "joiner,mover",
"continueOnError": false,
"description": "Request user assignment to selected access package",
"displayName": "Request user access package assignment",
"executionSequence": 4,
"id": "8c2c653f-46a1-4042-9b4d-2c3d503a4fcc",
"isEnabled": true,
"taskDefinitionId": "c1ec1e76-f374-4375-aaa6-0bb6bd4c60be",
"arguments": [
{
"name": "assignmentPolicyId",
"value": ""
},
{
"name": "accessPackageId",
"value": ""
}
]
}
]
},
{
"category": "leaver",
"description": "Execute real-time termination tasks for employees on their last day of work",
"displayName": "Real-time employee termination",
"id": "145735f1-57cc-48c2-81ec-727f07a10096",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.onDemandExecutionOnly"
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('145735f1-57cc-48c2-81ec-727f07a10096')/tasks",
"tasks": [
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Azure AD groups memberships",
"displayName": "Remove user from all groups",
"executionSequence": 1,
"id": "1b89bb69-a8cf-416b-a69e-4f6d8108834c",
"isEnabled": true,
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 2,
"id": "d3cea676-ccce-4426-825c-63c63e9a64c7",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Delete user account in Azure AD",
"displayName": "Delete user account",
"executionSequence": 3,
"id": "adbd4f05-99f0-4260-a155-7657623ca071",
"isEnabled": true,
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
"arguments": []
}
]
},
{
"category": "leaver",
"description": "Configure pre-offboarding tasks for employees before their last day of work",
"displayName": "Pre-Offboarding of an employee",
"id": "25abd83d-3b5d-4d6f-bb9a-4ed366fd96b1",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeLeaveDateTime",
"offsetInDays": -7
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('25abd83d-3b5d-4d6f-bb9a-4ed366fd96b1')/tasks",
"tasks": [
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Remove user from membership of selected Azure AD groups",
"displayName": "Remove user from selected groups",
"executionSequence": 1,
"id": "7e9aac8a-d239-4867-be60-b3c999c50ee7",
"isEnabled": true,
"taskDefinitionId": "1953a66c-751c-45e5-8bfe-01462c70da3c",
"arguments": [
{
"name": "groupID",
"value": ""
}
]
},
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Remove user from membership of selected Teams",
"displayName": "Remove user from selected Teams",
"executionSequence": 2,
"id": "40eab675-1aaf-432d-b17e-053d93b0fe2e",
"isEnabled": true,
"taskDefinitionId": "06aa7acb-01af-4824-8899-b14e5ed788d6",
"arguments": [
{
"name": "teamID",
"value": ""
}
]
}
]
},
{
"category": "leaver",
"description": "Configure offboarding tasks for employees on their last day of work",
"displayName": "Offboard an employee",
"id": "e821c59e-d28c-44d7-902f-5fed05e926f1",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeLeaveDateTime",
"offsetInDays": 0
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('e821c59e-d28c-44d7-902f-5fed05e926f1')/tasks",
"tasks": [
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Disable user account in the directory",
"displayName": "Disable user account",
"executionSequence": 1,
"id": "8d9eab35-6c32-4b76-acbd-6a22cb07aa6a",
"isEnabled": true,
"taskDefinitionId": "1dfdfcc7-52fa-4c2e-bf3a-e3919cc12950",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Azure AD groups memberships",
"displayName": "Remove user from all groups",
"executionSequence": 2,
"id": "4f5d8835-5d38-4106-ac7e-ebc407749bd2",
"isEnabled": true,
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 3,
"id": "8087b303-e7d5-492d-ab75-31d4aa34bd73",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
}
]
},
{
"category": "leaver",
"description": "Configure offboarding tasks for employees after their last day of work",
"displayName": "Post-Offboarding of an employee",
"id": "50149a4a-7c2d-4fd8-8018-761f4eb915cb",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeLeaveDateTime",
"offsetInDays": 7
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('50149a4a-7c2d-4fd8-8018-761f4eb915cb')/tasks",
"tasks": [
{
"category": "leaver",
"continueOnError": false,
"description": "Remove all licenses assigned to the user",
"displayName": "Remove all licenses for user",
"executionSequence": 1,
"id": "760ab754-8249-4bce-9315-1ad06488e434",
"isEnabled": true,
"taskDefinitionId": "8fa97d28-3e52-4985-b3a9-a1126f9b8b4e",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 2,
"id": "17b4e37b-c50b-4e04-a11c-93479f487d1d",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Delete user account in Azure AD",
"displayName": "Delete user account",
"executionSequence": 3,
"id": "46849618-30e7-4b67-abf0-f8c7f0d54b95",
"isEnabled": true,
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
"arguments": []
}
]
}
]
}
Exemple 2 : Récupérer les modèles de flux de travail pris en charge pour les flux de travail « leaver »
Demande
L’exemple suivant illustre une demande.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflowTemplates?$filter=category eq 'leaver'
Réponse
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates",
"value": [
{
"category": "leaver",
"description": "Execute real-time termination tasks for employees on their last day of work",
"displayName": "Real-time employee termination",
"id": "145735f1-57cc-48c2-81ec-727f07a10096",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.onDemandExecutionOnly"
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('145735f1-57cc-48c2-81ec-727f07a10096')/tasks",
"tasks": [
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Azure AD groups memberships",
"displayName": "Remove user from all groups",
"executionSequence": 1,
"id": "1b89bb69-a8cf-416b-a69e-4f6d8108834c",
"isEnabled": true,
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 2,
"id": "d3cea676-ccce-4426-825c-63c63e9a64c7",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Delete user account in Azure AD",
"displayName": "Delete User Account",
"executionSequence": 3,
"id": "adbd4f05-99f0-4260-a155-7657623ca071",
"isEnabled": true,
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
"arguments": []
}
]
},
{
"category": "leaver",
"description": "Configure pre-offboarding tasks for employees before their last day of work",
"displayName": "Pre-Offboarding of an employee",
"id": "25abd83d-3b5d-4d6f-bb9a-4ed366fd96b1",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeLeaveDateTime",
"offsetInDays": -7
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('25abd83d-3b5d-4d6f-bb9a-4ed366fd96b1')/tasks",
"tasks": [
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Remove user from membership of selected Azure AD groups",
"displayName": "Remove user from selected groups",
"executionSequence": 1,
"id": "7e9aac8a-d239-4867-be60-b3c999c50ee7",
"isEnabled": true,
"taskDefinitionId": "1953a66c-751c-45e5-8bfe-01462c70da3c",
"arguments": [
{
"name": "groupID",
"value": ""
}
]
},
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Remove user from membership of selected Teams",
"displayName": "Remove user from selected Teams",
"executionSequence": 2,
"id": "40eab675-1aaf-432d-b17e-053d93b0fe2e",
"isEnabled": true,
"taskDefinitionId": "06aa7acb-01af-4824-8899-b14e5ed788d6",
"arguments": [
{
"name": "teamID",
"value": ""
}
]
}
]
},
{
"category": "leaver",
"description": "Configure offboarding tasks for employees on their last day of work",
"displayName": "Offboard an employee",
"id": "e821c59e-d28c-44d7-902f-5fed05e926f1",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeLeaveDateTime",
"offsetInDays": 0
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('e821c59e-d28c-44d7-902f-5fed05e926f1')/tasks",
"tasks": [
{
"category": "joiner,leaver",
"continueOnError": false,
"description": "Disable user account in the directory",
"displayName": "Disable User Account",
"executionSequence": 1,
"id": "8d9eab35-6c32-4b76-acbd-6a22cb07aa6a",
"isEnabled": true,
"taskDefinitionId": "1dfdfcc7-52fa-4c2e-bf3a-e3919cc12950",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Azure AD groups memberships",
"displayName": "Remove user from all groups",
"executionSequence": 2,
"id": "4f5d8835-5d38-4106-ac7e-ebc407749bd2",
"isEnabled": true,
"taskDefinitionId": "b3a31406-2a15-4c9a-b25b-a658fa5f07fc",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 3,
"id": "8087b303-e7d5-492d-ab75-31d4aa34bd73",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
}
]
},
{
"category": "leaver",
"description": "Configure offboarding tasks for employees after their last day of work",
"displayName": "Post-Offboarding of an employee",
"id": "50149a4a-7c2d-4fd8-8018-761f4eb915cb",
"executionConditions": {
"@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
"scope": {
"@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
"rule": "department eq 'Marketing'"
},
"trigger": {
"@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
"timeBasedAttribute": "employeeLeaveDateTime",
"offsetInDays": 7
}
},
"tasks@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/workflowTemplates('50149a4a-7c2d-4fd8-8018-761f4eb915cb')/tasks",
"tasks": [
{
"category": "leaver",
"continueOnError": false,
"description": "Remove all licenses assigned to the user",
"displayName": "Remove all licenses for user",
"executionSequence": 1,
"id": "760ab754-8249-4bce-9315-1ad06488e434",
"isEnabled": true,
"taskDefinitionId": "8fa97d28-3e52-4985-b3a9-a1126f9b8b4e",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Remove user from all Teams memberships",
"displayName": "Remove user from all Teams",
"executionSequence": 2,
"id": "17b4e37b-c50b-4e04-a11c-93479f487d1d",
"isEnabled": true,
"taskDefinitionId": "81f7b200-2816-4b3b-8c5d-dc556f07b024",
"arguments": []
},
{
"category": "leaver",
"continueOnError": false,
"description": "Delete user account in Azure AD",
"displayName": "Delete User Account",
"executionSequence": 3,
"id": "46849618-30e7-4b67-abf0-f8c7f0d54b95",
"isEnabled": true,
"taskDefinitionId": "8d18588d-9ad3-4c0f-99d0-ec215f0e3dff",
"arguments": []
}
]
}
]
}