HR to Azure AD Profile Map
You can define HR attributes to Azure AD Profile mapping on this step. Simply type static value or drag drop HR attributes and map to each attribute.
Data Mapping and Transformation¶
Data mapping and transformation is at the heart of the workflow design. Data transformation allows you to map, transform, and manipulate data elements from the incoming HR data to the outgoing Azure active directory system that makes an API call or performs an operation.
As you see in the picture below, there are two sections highlighted by red and green color:
-
The area highlighted in red is the "Trigger data" available for you to drag and drop to your Conditionals. These are the HR attributes you defined in "HR Data Definition" step.
-
The area highlighted in green has the Azure AD attribute fields to which data needs to be mapped. It also has the data "Mapping and Transformation" capabilities to manipulate trigger data as well as your own input data to generate the final value for the corresponding AD attributes.
-
Hire2Retire being targeted at business users or citizen integrators provides hundreds of "Excel Style Functions" for data mapping and transformations on the toolbar starting with "fx".
Note - Hire2Retire auto-generates mail, UPN and mail nickname using UPN prefix and UPN suffix. As mail nickname is a required attribute of an employee profile in Azure AD, By default mail nickname is auto-generated using UPN prefix by Hire2Retire. If user provides mapping in mail nickname field, then Hire2Retire will take the user-provided value and map to employee profile.
| # | AttributeName | Description |
|---|---|---|
| 1 | Name | Display name of the user |
| 2 | Employeeid | This is the unique identifier for each employee in your active directory. The workflow will check if employeeID exists and decide to create or update profile in AD. Note: Please make sure the existing employees in AD have employeeID in case the workflow creates duplicate record. |
| 3 | UPN prefix or user name | The part before @ in UPN is upn prefix. |
| 4 | UPN suffix or domain name | The part after @ in UPN is upn prefix. |
Other Azure AD Attributes¶
| # | Attribute Name | Description |
|---|---|---|
| 1 | aboutMe | Information about current user |
| 2 | ageGroup | The user's age group. Possible values: null, Undefined, Minor, Adult, NotAdult. |
| 3 | businessPhones | The list of business phone number. |
| 4 | companyName | The name of the company in which user works |
| 5 | consentProvidedForMinor | Whether the consent has been provided for a minor. Allowed values: null, granted, denied, or notRequired. |
| 6 | country | The name of the country in which the user resides |
| 7 | creationType | If the user account was created as a local account for an Azure Active Directory B2C tenant, the value is LocalAccount or nameCoexistence. |
| 8 | department | It contains the name for the department in which the user works. |
| 9 | employeeHireDate | Date on which employee was hired. |
| 10 | employeeType | This attribute specifies an employee's job category |
| 11 | externalUserState | This represents the invited user's invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. |
| 12 | faxNumber | The fax number of the user |
| 13 | First Name | First name of the user |
| 14 | interests | Other interests of the user |
| 15 | isResourceAccount | It is of boolean type and reserved for future use. |
| 16 | jobTitle | The user's job title. |
| 17 | legalAgeGroupClassification | It is calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, minorWithOutParentalConsent, minorWithParentalConsent, minorNoParentalConsentRequired, notAdult, and adult. |
| 18 | manager | Contains the id of the user's manager. |
| 19 | mobilePhone | The primary mobile phone number. |
| 20 | mySite | The user's personal site |
| 21 | officeLocation | office location of the user |
| 22 | OtherMails | A list of secondary email addresses for the user. Example: ["bob@contoso.com", "Robert@fabrikam.com"]. |
| 23 | pastProjects | Projects undertaken by the user |
| 24 | postalCode | The postal code for the user's postal address. The postal code is specific to the user's country/region. |
| 25 | preferredDataLocation | The preferred data location for the group |
| 26 | preferredLanguage | Language preferred by the user |
| 27 | preferredName | Name preferred by the user. |
| 28 | proxyAddresses | Email addresses for the group that direct to the same group mailbox |
| 29 | responsibilities | Responsibilities undertaken by the user |
| 30 | schools | A list for the user to enumerate the schools they have attended |
| 31 | streetAddress | An address description with street name and house number/description |
| 32 | Last Name | Last name of the user |
| 33 | usageLocation | Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries/regions. Not nullable. A two letter country/region code (ISO standard 3166). Examples: "US", "JP", and "GB". |
| 34 | userType | A string value that can be used to classify user types in your directory. Value can be Member or Guest |
Other than the attributes mentioned above, we have 15 "extensionAttributes". Each object in the Azure AD has Extension attributes that are ready to be used for whatever purposes admins might come up with, such as storing additional information on user accounts during automated processing.
Clear Attribute(s)¶
You can clear the values of attribute(s) from the Azure Active Directory by selecting them in the Clear Attributes multi-select. If you provide empty values for selected attributes in the mapped data, those attributes will be cleared. The values of unselected attribute(s) will be preserved as it is.
