In this use case, we're going to describe how you can set up Nimbus to look up internal user numbers from within your Azure AD directory.
By default, Nimbus does not perform this reverse lookup, but via Power Automate and our Nimbus Power Automate Connector you can use a Microsoft Graph Query to perform this task.
PRECONDITIONS
- Tenant Admin rights to access your user AD and perform this Flow on behalf of all your services
- Power Automate "Premium" license (to use the HTTP action)
- Phone numbers maintained in Azure AD must be stored in valid E.164 format, or a predictable pattern - otherwise our query won't find any matches
- An App Registration (we recommend re-using the existing one for the Nimbus Power Automate Connector), which must grant User.Read.All application permissions for the Graph API
NOTES
This example is giving priority to the first found result returned by the Graph query. Other potential matches will not be considered.
See https://docs.microsoft.com/en-us/graph/query-parameters for more query customization options to fine-tune your search.
CLIENT SECRET EXPOSURE
The client secret value is stored in clear text within the HTTP action in this example
→ You must therefore ensure that this data is not exposed to anyone without proper authorization.
→ Alternatively, you can also use the "Get secret" Action, available as part of the built-in Azure Key Vault Connector in Power Automate.
✅ This requires a "Premium license" plus an "Azure Key Vault" which consumes Azure Storage Resources that will incur additional costs
Flow Overview
This flow consists of the following steps:
- GetOnNewTasks and UpdateTask Nimbus Trigger Events to start the flow and store the retrieved values back accordingly.
- An Initialize Variable step to store the Nimbus callerID and transform it for the HTTP request.
- A HTTP request step to get Azure AD data via Graph API.
- A Parse JSON step to parse the returned HTTP results and make the contained user data therein available as dynamic content for the final UpdateTask step
Start Flow & initialize variable
✅ To convert the Nimbus data for Graph Query, a variable needs to be initialized using Nimbus data.
- Start a new Cloud Flow with the %Nimbus "GetOnNewTasks" Trigger Events action.
- Insert a "Initialize variable" step and add a dynamic "replace" expression in the "value" field.
This expression will replace any occurence of a "+" sign in the E.164 number with a "%2B" equivalent → ☝ this is necessary as otherwise the HTTP query won't work
replace(triggerOutputs()?['body/MicrosoftCallerId'],'+','%2B')HTTP GET Request via Graph API
✅ Next we use the variable to form a Graph Query via the HTTP step. Configure it as follows:
| Method | GET | ||||
|---|---|---|---|---|---|
| URI |
If you have chosen a different name for the dynamic variable from the previous step, then you will need to replace CallerID accordingly. |
||||
| Headers |
Enter the following key/value pair:
|
||||
| Authentication | Set to "Active Directory OAuth" | ||||
| Authority | Enter "https://login.microsoft.com" | ||||
| Tenant | Directory (tenant) ID 🤔 Where to get this info? Retrieved from the App Registration Overview. See instructions below. |
||||
| Audience | Enter "https://graph.microsoft.com" | ||||
| Client ID |
Application (client) ID 🤔 Where to get this info? Retrieved from the App Registration Overview. See instructions below. |
||||
| Credential Type | Set to "Secret" | ||||
| Secret |
Client Secret Value 🤔 Where to get this info? Retrieved from the App Registration Overview. See instructions below. ☝ The value can only be viewed & copied directly after creation, so you may need to create a new client secret in your App Registration. |
Where to get the App Registration
As a Tenant Admin, head to https://portal.azure.com and find your Nimbus App Registration (established during Nimbus Installation).
Parse JSON
✅ With the search result returned by the previous HTTP step, we can now parse the Azure AD information to retrieve the individual user fields:
You will need the following JSON Schema (click to expand):
{
"type": "object",
"properties": {
"value": {
"type": "array",
"items": {
"type": "object",
"properties": {
"businessPhones": {
"type": "array",
"items": {
"type": "string"
}
},
"city": {},
"companyName": {
"type": "string"
},
"country": {},
"department": {
"type": "string"
},
"displayName": {
"type": "string"
},
"givenName": {
"type": "string"
},
"imAddresses": {
"type": "array",
"items": {
"type": "string"
}
},
"jobTitle": {
"type": "string"
},
"mail": {
"type": "string"
},
"mobilePhone": {
"type": "string"
},
"postalCode": {},
"streetAddress": {},
"state": {},
"surname": {
"type": "string"
},
"userPrincipalName": {
"type": "string"
}
},
"required": [
"businessPhones",
"city",
"companyName",
"country",
"department",
"displayName",
"givenName",
"imAddresses",
"jobTitle",
"mail",
"mobilePhone",
"postalCode",
"streetAddress",
"state",
"surname",
"userPrincipalName"
]
}
}
}
}Update Task
✅ Finally we update the current Nimbus task with the UpdateTask action .
- For the field "RequestId" ensure the Nimbus System Parameter "RequestId" is used.
- Add Customer.<Fields> with the values from your JSON
- 💡 Note that the businessPhones and imAddresses parameters are always returned as arrays.
→ We're quick-selecting the first items within these arrays here to avoid display issues:- In the field "Customer.PrimaryTelNumber" add a dynamic "Items" expression and select the first item with the following expression:
if(empty(item()?['businessPhones']),null,item()?['businessPhones'][0])- In the field "Customer.ImAddress" add a dynamic "Items" expression and select the first item with the following expression:
if(empty(item()?['imAddresses']),null,item()?['imAddresses'][0])