LogicApp to check when new Azure AD account created

Question

Whenever a new privileged account is created or deleted in Azure AD , we need to fetch via Logic App and send that data to a CyberArk API

1)So is there any way that we can make Azure AD to invoke Logic app URL when new account is created or deleted ?

Or

1. Can Logic app continuously poll the Azure AD every minute, so that we come to know , whenever a new account is created or deleted ?

3)Will Azure AD graph API help in this case ?

Answer 1

Hi,

One option would be to send Azure AD audit log to Event Hub and then have Logic app that processes the events and send data to CyberArk. Article below walks through for scenario with Applications, but you can use same basic technique (with modifications) for users:

Azure AD App Tracking with Logic Apps

https://devblogs.microsoft.com/premier-developer/azure-ad-app-tracking-with-logic-apps/

If the above was helpful please click Accept Answer.

Thanks.

-TP

Answer 2

HI ,

Logic app does provide the Azure AD connector but i am unsure if there are triggers that can help you with

You can use Microsoft Graph APIs that provide ways to keep track of changes and you could choose the one that best suits your requirements

1. Changes can be polled using delta queries
2. Get notified when there are changes by subscribing to changes or Check Audit Logs for any changes

If the above is useful please click Accept Answer.

Answer 3

@MS Techie AFAIK, the Change Notifications is the feature that's used for what you're trying to accomplish: https://learn.microsoft.com/en-us/graph/webhooks Not quite entirely sure about user creation events but pretty sure that can be verified through the docs -- let me know if you hit any blockers and I can dig deeper on this ;)