HR to Entra ID Profile Map
You can define HR attributes to Entra ID Profile mapping on this step. Simply type static value or drag drop HR attributes and map to each attribute.
Data Mapping and Transformation¶
Data mapping and transformation are at the heart of the workflow design. Data transformation allows you to map, transform, and manipulate data elements from the incoming HR data to the outgoing Entra ID system that makes an API call or performs an operation.
As you see in the picture below, there are two sections highlighted by red and green color:
-
The area highlighted in red is the "Trigger data" available for you to drag and drop to your Conditionals. These are the HR attributes you defined in the "HR Data Definition" step.
-
The area highlighted in green has the Entra ID attribute fields to which data needs to be mapped. It also has the data "Mapping and Transformation" capabilities to manipulate trigger data as well as your own input data to generate the final value for the corresponding AD attributes.
-
Hire2Retire being targeted at business users or citizen integrators provides hundreds of "Excel Style Functions" for data mapping and transformations on the toolbar starting with "fx".
- Select the checkbox 'Check if you have configured any ATS to Entra ID flow', If you want to integrate your ATS flow with HCM flow using Hire2Retire. Then choose the extension attribute same as chosen in ATS flow and map the personal email.
Note - Hire2Retire auto-generates mail, UPN and mail nickname using UPN prefix and UPN suffix. As mail nickname is a required attribute of an employee profile in Entra ID, By default mail nickname is auto-generated using UPN prefix by Hire2Retire. If user provides mapping in mail nickname field, then Hire2Retire will take the user-provided value and map to employee profile.
| # | AttributeName | Description |
|---|---|---|
| 1 | Display name (displayName) | Display name of the user |
| 2 | Employee ID (employeeId) | This is the unique identifier for each employee in your active directory. The workflow will check if employeeID exists and decide to create or update profile in AD. Note: Please make sure the existing employees in AD have employeeID in case the workflow creates duplicate record. |
| 3 | UPN prefix or user name (upn_prefix) | The part before @ in UPN is upn prefix. |
| 4 | UPN suffix or domain name (upn_suffix) | The part after @ in UPN is upn prefix. |
Other Entra ID Attributes¶
| # | Attribute Name | Description |
|---|---|---|
| 1 | Age group (ageGroup) | The user's age group. Possible values: null, Undefined, Minor, Adult, NotAdult. |
| 2 | Business phone (businessPhones) | The list of business phone numbers. |
| 3 | Company name (companyName) | The name of the company in which the user works. |
| 4 | Consent provided for minor (consentProvidedForMinor) | Whether the consent has been provided for a minor. Allowed values: null, granted, denied, or notRequired. |
| 5 | Country or region (country) | The name of the country or region in which the user resides. |
| 6 | Department (department) | It contains the name for the department in which the user works. |
| 7 | Employee hire date (employeeHireDate) | Date on which employee was hired. |
| 8 | Employee type (employeeType) | This attribute specifies the employee's job category. |
| 9 | Fax number (faxNumber) | The fax number of the user. |
| 10 | First name (givenName) | First name of the user |
| 11 | Is resource account (isResourceAccount) | It is of boolean type and reserved for future use. |
| 12 | Job title (jobTitle) | The user's job title. |
| 13 | Legal age group classification (legalAgeGroupClassification) | It is calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, minorWithOutParentalConsent, minorWithParentalConsent, minorNoParentalConsentRequired, notAdult, and adult. |
| 14 | Manager ID (manager-employeeId) | Contains the ID of the user's manager. |
| 15 | Mobile phone (mobilePhone) | The primary mobile phone number. |
| 16 | Office location (officeLocation) | The user's office location. |
| 17 | Other emails (otherMails) | A list of secondary email addresses for the user. Example: ["bob@contoso.com", "Robert@fabrikam.com"]. |
| 18 | ZIP or postal code (postalCode) | The postal code for the user's postal address. The postal code is specific to the user's country/region. |
| 19 | Preferred data location (preferredDataLocation) | The preferred data location for the group. |
| 20 | Preferred language (preferredLanguage) | Language preferred by the user |
| 21 | Preferred name | Name preferred by the user. |
| 22 | Street address (streetAddress) | An address description with street name and house number/description |
| 23 | Last name (surname) | Last name of the user |
| 24 | Usage location (usageLocation) | Required for users assigned licenses, as it checks for service availability in their country/region. A two-letter country/region code (ISO 3166). Examples: "US", "JP", "GB". |
| 25 | User type (userType) | A string value that classifies user types in your directory. Values can be Member or Guest. |
Other than the attributes mentioned above, we have 15 "extensionAttributes". Each object in the Entra ID has Extension attributes that are ready to be used for whatever purposes admins might come up with, such as storing additional information on user accounts during automated processing.
Choose an extension attribute to track lifecycle state changes¶
By selecting an extension attribute, Hire2Retire will store and track the account status within the chosen attribute. This enables the tracking of lifecycle events performed by Hire2Retire while also accommodating manual updates made by the system administrator.
Choose the Preferred or First Name in the UPN and Primary SMTP Prefix¶
You have two options for setting the UPN and primary SMTP prefix to use either the preferred name or the first name:
-
If preferred name exists, then use preferred name. If not, use first name - If the preferred name is mapped, it will be used for the UPN and primary SMTP prefix. If the preferred name is not mapped, then the first name will be used instead.
-
Always use first name - The first name will consistently be used for the UPN and primary SMTP prefix.
After selecting an option, you can choose the specific format for the UPN and primary SMTP prefix from the dropdown below.
Support for Different UPN and Email Prefixes/Suffixes¶
You can configure different formats for User Principal Names (UPN) and email addresses to align with your organization's naming conventions.
Email Prefix Setup: You can select the preferred email prefix format from the available dropdown options.
Email Suffix Setup: To specify a different suffix for email addresses, enter the desired email suffix in the provided textbox.
Exclude special characters from UPN and Email prefix¶
By default, UPN & Email prefix will support special characters, but there is an option to exclude certain characters from being used. The characters that can be excluded include are:
- Caret (^),
- Exclamatory (!),
- Hash (#),
- Hyphen (-),
- Single Quote ('),
- Tilde (~),
- Underscore (_)
It is important to note that, by default, the sAMAccountName, primary SMTP address, and mailNickName will adhere to the same rules regarding special characters unless they are specifically mapped to allow different configurations. This means that if you choose to exclude certain special characters for the UPN and Email prefix, those exclusions will also apply to the sAMAccountName, primary SMTP address, and mailNickName unless you have set up separate mappings for them.
Resolve Duplicates by Appending Numerals¶
When duplicate common names (CN), User Principal Names (UPN), or mail are detected, selecting this option allows Hire2Retire to append numerals (e.g., 1, 2, 3 or 01, 02, 03) to these fields ensuring unique values for each user. If "Not Apply" option is selected, any duplicate entries will result in an error message indicating duplicate values exists.
Configure Email and UPN Case Settings¶
This option controls whether email addresses and UPNs are generated in lowercase or retain the original case from HR data. When checked, email and UPN will be created in all lowercase by default. Unchecking this option will maintain the original capitalization as provided in the HR attributes.
Configure mailNickname Case Settings¶
This option determines the case format for mailNickname attribute. By default, this attributes is created using the original case from HR data. To convert it to lowercase, uncheck this option.
Clear the field value for the selected attribute(s).¶
You can clear the values of attribute(s) from the Entra ID by selecting them in the multi-select as shown below. If you provide empty values for selected attributes in the mapped data, those attributes will be cleared. The values of unselected attribute(s) will be preserved as it is.
