Important
This repository contains the connector and configuration code only. The implementer is responsible for acquiring the connection details such as username, password, certificate, etc. You might even need to sign a contract or agreement with the supplier before implementing this connector. Please contact the client's application manager to coordinate the connector requirements.
- HelloID Environment:
- Set up your HelloID environment.
- Entra ID:
- App registration with
API permissionsof the typeApplication:User.ReadWrite.All
- The following information for the app registration is needed in HelloID:
Application (client) IDDirectory (tenant) IDSecret Value
- App registration with
- AFAS Profit:
- AFAS tenant id
- AppConnector token
- Loaded AFAS GetConnector
- Tools4ever - HelloID - T4E_HelloID_Users_v2.gcn
- https://github.com/Tools4everBV/HelloID-Conn-Prov-Target-AFAS-Profit-Employees
- Build-in Profit update connector: KnEmployee
- None at this time.
HelloID-Conn-SA-Full-EntraID-AFAS-Update-UPN-Mail is a template designed for use with HelloID Service Automation (SA) Delegated Forms. It can be imported into HelloID and customized according to your requirements.
By using this delegated form, you can update the UPN and Email in Entra ID and AFAS Profit. The following options are available:
- Search and select the Entra ID user
- Enter new values for the following Entra ID account attributes: userPrincipalName and mail
- The entered userPrincipalName and mail are validated
- Entra ID account [userPrincipalName, mail and mailNickname] and AFAS employee [EmAd] attribute are updated with new values
- Writing back [EmAd] in AFAS will be skipped if the employee is not found in AFAS
Entra Id and AFAS Profit provide a set of REST APIs that allow you to programmatically interact with its data. The API endpoints listed in the table below are used.
| Endpoint | Description |
|---|---|
| users | The user endpoint of the Graph API |
| profitrestservices/connectors | AFAS endpoint |
The following options are available in the form:
- Lookup user:
- This Powershell data source runs an Entra ID query to search for matching Entra ID accounts. This data source returns additional attributes that receive the current values for userPrincipalName/mail and also split them into a prefix and a suffix for future uses.
- Validate UPN and mail:
- This Powershell data source runs an Entra ID query to validate the uniqueness of the new userPrincipalName, mail and mailNickname. The values are also validated in ProxyAddresses. And will return a "Valid" or "Invalid" text. This text is used for validation in the form.
The following actions will be performed based on user selections:
- Update UPN and mail in Entra ID:
- On the Entra ID account the attributes userPrincipalName, mail and mailNickname will be updated.
- the proxyAddresses is automatically updated by Entra ID by replacing the value in the mail attribute.
- On the Entra ID account the attributes userPrincipalName, mail and mailNickname will be updated.
- Update EmAd in AFAS Profit Employee:
- On the AFAS employee the attributes EmAd will be updated.
The following user-defined variables are used by the connector. Ensure that you check and set the correct values required to connect to the API.
| Setting | Description |
|---|---|
EntraTenantId |
The ID to the Tenant in Microsoft Entra ID |
EntraAppId |
The ID to the App Registration in Microsoft Entra ID |
EntraAppSecret |
The Client Secret to the App Registration in Microsoft Entra ID |
AFASBaseUrl |
The URL to the AFAS environment REST service |
AFASToken |
The password to the P12 certificate of your service account |
Tip
For more information on Delegated Forms, please refer to our documentation pages.
Tip
If you need help, feel free to ask questions on our forum.
The official HelloID documentation can be found at: https://docs.helloid.com/