Ways to Automate the Workflow
Modified on Tue, 05 Sep 2023 at 06:31 PM
Categories
-
What's New
-
Release Information
- CoreView Release Notes September 2023
- CoreView Release Notes August 2023
- CoreView Release Notes July 2023
- CoreView Release Notes June 2023
- CoreView Release Notes May 2023
- CoreView Release Notes April 2023
- CoreView Release Notes March 2023
- CoreView Release Notes February 2023
- CoreView Release Notes January 2023
- CoreView December 2022 Release Notes
- CoreView November 2022 Release Notes
- CoreView October 2022 Release Notes
- September 2022 Release Notes
- August 2022 Release Notes
- Release 22.06 Key Features
- Release 22.05 Key Features
- Release 22.04 Key Features
- Release 22.03 Key Features
- Release 22.01 Key Features
- Release 21.12 Key Features
- Release 21.11 Key Features
- Release 21.10 Key Features
- Release 21.09 Key Features
- Release 21.08 Key Features
- Release 21.07 Key Features
- Release 21.05 Key Features
- Release 21.04 Key Features
- Release 21.03 Key Features
- Release 21.02 Key Features
- Release 21.01 Key Features
-
Release Information
- Getting Started with Customer Care
-
Getting Started with CoreView
-
Configuring
- Configuration Overview
- Creating CoreView Tenant Administrators
- CoreView Operator Uses Cases & Dependencies
- Creating a License Pool
- Understanding Virtual Tenants
- "Send As" DNS Requirements for CoreAdoption Campaigns (Optional)
- How to enforce MFA on CoreView service accounts
- Creating a License Pool
- How to ensure security for CoreView service accounts
- Disabling MFA for CoreView service accounts
- Set Conditional Access to grant access only inside the CoreView data center
-
Configuring
-
How to
-
Exchange Online
- How to check and analyze the Message Trace
- How To Configure Email Forwarding
- How to convert a Shared Mailbox to a User Mailbox
- How to convert a user mailbox to a shared mailbox in Exchange Online
- How to Create Microsoft 365 Groups for Improved Collaboration
- How To Create Shared Mailbox
- How To Create User Mailbox
- How To Grant Access To Mailbox
- How to List all the Mailboxes a User has access to in Microsoft 365
- How to remove delegates from Mailbox
- How to remove user access to Mailbox
- How to review and manage Exchange online mailbox permissions
- How to verify if a user has updated the Password
- Read Permission for Mailbox
- What are security groups and How to create it
- What is a Distribution Group and How to create it
-
Exchange Online
- Custom Actions Library
- Getting Started with CoreHybrid
-
Knowledge Resources
-
Understanding CoreView - Quick Start Guides.
- CoreView Quick Start Guide Overview and Index - Tenant Admins
- CoreView Quick Start Guide Overview and Index - Operators
- Understanding CoreView Tenant Configuration – Management
- Understanding the CoreView Operator Profile
- Understanding CoreView Operator Roles (New UX)
- Understanding CoreView Operator Roles
- Understanding CoreView Operator Delegation
- Understanding CoreView - Report Column Filtering
- Understanding CoreView Tenant Configuration - V-Tenant User Filters
- Understanding CoreView Tenant Configuration - Portal Information
- Understanding CoreView Tenant Configuration Options
-
Troubleshooting Common Issues
- Unable to see OneDrive, SharePoint and Exchange Data
- Remote Office 365 PowerShell session can Conflict CoreView Management Actions
- Why I cannot save the changes on existing License pool?
- Error when attempting to perform a Management Action
- Unable to modify the Assigned Licenses in my License Pool Report
- Enabling Permission for Endpoint Manager Actions
- How to enable permission for BitLocker keys report
-
Tenant Administration
- How to recreate Admins Read-only
- How to add an operator to the portal?
- How to enable and configure CoreView management session
- How to provide a consent to activate Azure AD Reports Feature and activate Partial Import?
- Tips & Tricks: Leverage Pivot Reports to Prototype License Pool Criteria Filter
- Tips & Tricks - How to manage email notifications for newly added Operators.
- Disable MFA from Read Only Service Accounts
- How To: Report on "Consumed Portal Licenses"
- How to Configure Allowed IP Addresses for CoreView Service Accounts
- Tips & Tricks: How to merge License Pools
- How to Use CoreView's Global Report Filters
- How to use the What If tool to check Azure AD conditional access policies
- How to Configure Allowed IP Addresses for CoreView Service Accounts
- How to Archive a Teams Group
- How to Restore a Teams Group
- On-demand Import for a Single Device in Endpoint Manager (Intune)
- Custom Actions using the Microsoft Graph API
- How to set up your tenant for the switch to Microsoft Graph API
- GraphAPI configuration: How to get Client ID and Client Secret
- How to provide consent to import exchange information
-
Reporting and Analytics
- How do I Check and Manage Calendar Permissions for a User?
- How CoreView can help you with your Microsoft 365 Chargeback Goals.
- New UX: Understanding the new License Centers
- Understanding the Savings Opportunities Dashboard
- Understanding the License Optimization center
- Understanding License Pool Snapshots report
- Understanding Call quality dashboard
- Understanding Call quality report
- Understanding User call quality report
- Understanding Teams groups activity report
- Understanding Teams Adoption Growth Report
- Understanding Endpoint Manager reports
- Understanding Teams dashboard
- Understanding Risky Users report
- Understanding Storage Dashboard
- Troubleshoot Active Users (License Usage) data
- Legacy Protocol Management
- Report Columns: Is active 30/60/90
- Quarantined Messages Report - Understanding The Reports
-
Managing and Administration
- Teams Voice: Direct Routing Support
- How to enable management function?
- Forward SMTP Address vs Forward Address management actions
- How to add the users in bulk while executing Users management actions?
- How to Create & Manage Custom Actions
- How to schedule a report to be sent automatically, and how to modify its scheduling options?
- How to schedule an alert report for the License Count
- Tips & Tricks – How to read and modify license pool report?
- Overview of CoreView Workflow
- How to delegate Workflow management using roles
- How to configure CoreView and ServiceNow integration
- How to Enable Multi Factor Authentication for Operators and Admins who Access the CoreView Portal
- How Can I Migrate from Group-Based Licenses to Direct Licenses Managed by CoreView?
- Naming convention rules
- Custom Actions: Forbidden and Warning Values
- How to add users to Distribution Group in bulk using via CSV
- Not able to manage licenses error
- Using custom action json output as an input in the workflow
- Setting the Sensitivity Label on SharePoint as a Mandatory Field
- DistinguishedName vs OnPremisesDistinguishedName
-
Understanding CoreView - Quick Start Guides.
- CoreView Product Manual
- Health Check
- Actions
-
Playbooks
-
Out-of-the-Box playbooks
- Introduction
- Overview
- Configuring predefined policies
- Edit policy settings: Set and monitor thresholds
- Edit remediation settings: Manual and automatic remediation
- Edit remediation settings: Configure attestation
- Remediation settings: Security & Identity policies
- Remediation settings: Teams Management policies
- Remediation settings: License Management policies
- Remediation settings: SharePoint & OneDrive Management policies
- Remediation settings: Exchange Management policies
-
Out-of-the-Box playbooks
- Workflows
- Learning Platform
- Internal Customer Care Resources
- Archive
- PowerShell
- Webinars and Events
- CoreVoice
- Internal Support
In this document, you will learn four ways to trigger a workflow in CoreView.
There are four ways to automatically trigger a workflow:
- 1. Schedule Workflow via CSV
- 2. Custom Playbook - report based custom policy
- 3. Custom Playbook - event based custom policy
- 4. Open REST API
1. Schedule Workflow via CSV
You can schedule a workflow to run on a recurring basis, with the input for that workflow being provided in CSV files hosted in an external data source. To do this, open a workflow, then select Action > Schedule in the top right hand corner
Provide a name for the schedule and select a workflow that you want to run on a recurring basis, then click Next
You can import the source file using:
- URL
- FTP
- FTPS
- SFTP
Then, you map the inputs in the specified .csv file to the names of the workflow execution inputs. Then, you can choose the scheduling options.
Note: You should ensure that all expected column names in the specified .csv source are matched exactly to the names of the workflow execution inputs. If some of the column names do not match, the workflow will run based on the input names that match CSV column names, but it could fail or not be executed correctly.
If the workflow was run against multiple entries in the CSV file, then there will be several workflows performed (jobs here), and each will have its own id. Once all workflow(s) (jobs) are executed, the original CSV file will be substituted with a file that has the aggregation id appended to the original filename - this is generated using the date and time that the workflow was performed plus aggregation id for all jobs performed by the workflow. So, the aggregation id is generated to combine the results from the multiple jobs performed.
2. Custom Playbook - report based custom policy
Report based custom policies can be created from nearly all reports in the Reports section of the CoreView platform, and then be added to a custom playbook. They are used to search for defined criteria, such as disabled users that still have a licence assigned to them, and each custom policy can be configured with a remediation action. This remediation could be a notification or a workflow, and can be manually triggered or run automatically based on a schedule.
Create a custom policy
There are two ways to create a report based custom policy:
Within a report, select the criteria against which you wish to run an automated remediation e.g. from within the Active users report you may decide to filter on blocked credential is true, and where licenses is not empty. From the top right hand corner, select Actions > Create Custom Policy.
Alternatively, you can create a custom policy from within Settings > Playbooks and then select Create Policy from the Create New menu in the top right hand corner
Provide a name and description for your policy. You can choose an existing category for the policy or create a new one. You can also decide to add the custom policy to an existing playbook, or create a new one.
If you have created the policy from a report, the criteria for the policy will already be populated. In this case the report was filtering on shared mailboxes that have a licence assigned.
If you created the policy from the playbook settings menu you will need to define criteria. Firstly you will need to decide your target - this will then determine the attributes that will be available for your policy
Add columns and filters to the report as needed to create your policy.
Setup remediation for your policy
In the next stage, enable remediation and choose Run workflow from the drop down menu. Select the workflow that is appropriate for your workflow.
You can use the Preview button to verify that the selected workflow is the one you require. You will be asked to map the variables defined within the execution inputs of your workflow to their column in the report. If the names of the variables in your workflow match the column headers in your report, the Automap button can be used to automatically match them. Otherwise, use the lighting bolt on each input to define which column in the report should be used
You may choose to run the remediation on a manual basis, or on recurring schedule. To set a schedule, select Schedule Recurrence from the drop down menu
Then set your recurrence
Exceptions
If you wish to exclude objects from having an automatic workflow remediation, you can do so by clicking on the Matched Items from the relevant policy
and then selecting the objects where you wish to apply an exception and select Set As Exception.
You will be able to define how long you wish to exclude the object from a particular policy e.g. for a user on maternity leave you could exclude them for a specific amount of time
3. Custom Playbook - event based custom policy
As well as being able to create custom policies from CoreView reports, it is also possible to create custom policies from CoreView audit reports. The main difference between remediations for report based custom policies and remediations for event based custom policies is that report based custom policy remediations can be run on a pre-defined schedule such as every 2 hours, and event based custom policy remediations occur as soon as the event is seen in the audit logs (alerting).
Create a custom policy
To create an event-based custom policy:
Within an audit report, select the criteria against which you wish to run an automated remediation e.g. from within the Microsoft 365 Audit Activities report you may decide to filter on events where an administrator has made a change to a DLP policy. From the top right hand corner, select Actions > Create Custom Policy.
Alternatively, you can create a custom policy from within Settings > Playbooks and then select Create Policy from the Create New menu in the top right hand corner
Provide a name and description for your policy. You can choose an existing category for the policy or create a new one. You can also decide to add the custom policy to an existing playbook, or create a new one.
From the drop down target menu, select Audit Activities.
Add columns and filters to the report as needed to create your policy.
Setup remediation for your policy
In the next stage, enable remediation and choose Run workflow from the drop down menu. Select the workflow that is appropriate for your workflow. Note the comment about this being an event based remediation, and as such it will run whenever an event is detected. You will not be able to define a schedule.
You can use the Preview button to verify that the selected workflow is the one you require. You will be asked to map the variables defined within the execution inputs of your workflow to their column in the report. If the names of the variables in your workflow match the column headers in your report, the Automap button can be used to automatically match them. Otherwise, use the lighting bolt on each input to define which column in the report should be used
Exceptions
It is not possible to set exceptions on event based remediations. If you wish to exclude particular events or users, you should filter them out when creating your custom policy.
4. Open REST API
To get started, you will need your API key, CompanyId, and the Workflow public API URL to call the Workflow public API.
4a. How to Obtain your API Key
- Once logged in your CoreView portal with administrative rights, select Settings > API keys
- Add new API key by clicking on the "Add new API key”. You will add an 'App Name' (in this example, we have called ours "Workflow"), an "Expiration date" (defaults to one year), and any comments that you want to put in the "Notes" field.
Important: As soon as you created the API key, you need to copy it as that won’t be visible anymore:
- Click the blue checkmark in the top right of the dialog box to save.
4b. How to Obtain your Companyid and Environment
For your CompanyId and your environment, please contact the CoreView Support Team and refer to the following table for identifying the right URLs to use:
V2 API URLs | |
Authentication | https://www.loginportal.online/api/auth |
Europe | https://coreflowapi.coreview.com |
Canada | https://coreflowcaeapi.coreview.com |
AUS | https://coreflowausapi.coreview.com |
East US | https://coreflowusapi.coreview.com |
Gov US | https://coreflowusgovapi.coreview.com |
4c. Setting up Postman to test triggering workflows with the CoreView API
- Import the postman script into your Postman.
- Set up your environment variables as follows
4d. Use your API Key to get a JWT token
The API Key generated in the previous step does not allow you to run a Workflow directly. This API Key allows you to call the CoreView Central Authentication API to get a JWT token, which you can use to trigger a Workflow.
Use the following URL based on your environment:
| V2 API URLs |
Authentication | https://www.loginportal.online/api/auth |
Please refer to the "Get JWT Token" request on the attached Postman collection document for reference.
You need to use your API Key as the Bearer Token in the Authorization of the Request.
Calling this API will give you this JSON output:
{
"userId": "123456",
"sessionId": "dflkgdfklgjdlkfgjpfg",
"userName": "username",
"displayName": " displayName ",
"bearerToken": "eyJ0exxxxxxxxxxxxxxx",
"refreshToken": "eyJ0eXAxxxxxxxxxxxx",
"profileUrl": "xxxxxxxxx",
"roles": [
"Service"
],
"permissions": [],
"responseStatus": {}
}
Keep the bearerToken value (your JWT token) you received so that you can reuse it to trigger your workflow. You can also save the refreshToken to ask for a new JWT token if this one expires.
4e. Run your Workflow
The CoreFlow API can now be called using the JWT token obtained in the previous step to start a workflow.
Looking to the Postman collection, check the "Start Manual Executions" request.
To trigger your workflow, identify your workflow Id from your workflow definition details in CoreView (see screenshot below):
Make sure in your request that:
- The JWT token you got from the previous call is set as your Bearer Token in this request,
- Your workflowId parameter is set as part of the request URL,
- Your companyId is set into the "x-scompany" header.
Lastly, identify the required properties of your workflow input, looking into your workflow definition (Editing your workflow and clicking on the "Configure Execution Inputs"):
Required inputs need to be sent in the request body as properties from the JSON (see the example below in Postman highlighting how to set input properties):
As per supported values types (string, number, or boolean), values set as properties in the request follow the definition of those types in JSON.
Let's recap all steps for this request to be ready:
- Set the Bearer token to the JWT value you got from the previous call,
- Set the workflowId you want to run in the REST API path,
- Set the HTTP header "x-scompany" to your companyId value,
- Set the required inputs from your workflow into the request body.
From that point, send your request, and your workflow will be on its way!
Happy workflows!
Open API Attachment json:
Attachments (1)