703.242.7200 [email protected]

Helix ITSM and Azure

RightStar TeamOctober 12, 2023

With so many of our customers moving to Azure, we’ve seen increased interest in not just using Azure for authentication but also in syncing data from the Azure User Profile to the People foundation data in Helix ITSM.

To do this, there are a few steps involved. There isn’t an official BMC “how to” doc, but it basically involves some setup in MS Azure AD, use of the MS Graph Rest API, and Atrium Integrator (Pentaho Data Integration). 

Here are the steps: 

1) Register a client application with Azure AD:

https://learn.microsoft.com/en-us/power-apps/developer/data-platform/walkthrough-register-app-azure-active-directory

This is how you will establish permissions and interact with Azure AD using the MS Graph Rest API.

2) Add MS Graph API access to your application and give it “User.Read.All” permissions so that you can look up the user profile details for any user in Azure AD (you can modify this as needed for your specific needs to limit scope, etc.)

https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-access-web-apis

3) Add a “Client Secret” for authentication:

https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#add-credentials

4) Use Atrium Integrator “REST API” widget to interact with Azure AD.

You will need to get an authorization token using the Azure tenant ID and Client Secret you created in the previous step. Once authenticated, use the REST API widget to issue MS Graph Rest API commands as needed to retrieve user profile information:

https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0

**Note: the MS Graph API is a paginated API (limited to 100 results per page), so you will need to iterate through multiple queries and build a complete result set. The easiest way I found to do this was to create a transformation to manage the page query and repeat until the “@odata.nextLink” value was NULL/not present. However, I’m sure there are plenty of other ways to accomplish this. More info here:

https://learn.microsoft.com/en-us/graph/paging

This should accomplish the goal of bringing data from MS Azure into the Helix Remedy ITSM People data forms. Please reach out if you want to use RightStar services in this effort!