Okta Workflows-Azure VDI

Has anyone created a workflow for Azure VDI for the following (offboarding a user)?
1) Revoke the user access from Azure VDI.
2) Removing a user from their role.
3) Terminating the session host (user virtual machine).

I know this has to be done via the REST API within Azure and making a connection through Okta Workflows, but wanted to see if anyone may have a template out there or a screenshot (with redacted info) they may be willing to share.

Here is some documentation from MS in the Azure API that I found:

Remove user
Remove session host

Thanks for any assistance.

Hi @WFadmin78 — Welcome to the Workflows community forum!

I asked on the Mac Admins Slack (#okta-workflows channel) if anyone has an example to share here.

Your high-level steps are correct. You would create a connection to Azure VDI and then make calls to its API to revoke, remove, or terminate a user’s session.

Thanks @maxkatz. Will also look there as well.

Sounds good! Return here if you run into problems. We can tackle it step-by-step.

Hey Max,
So here is the problem I am running into.
I can do an API call to DISCONNECT and DELETE per this.
But if we are terming a user and our push groups remove them from the groups in Azure, where would I have to stick the API calls into the process in order to ensure we get their session ID before it disappears?

We are trying to solve for the fact that when we term someone in our systems, they get removed from their groups but the user still is connected to their Azure VDI terminal after the fact.

Hey, @WFadmin78,

I think you should first disconnect the user session. This is still a valid user state—just no active session. Then, delete the user. I’m going to confirm this.

Hmm… I think this is something to ask Microsoft. Why is the user session not terminated when a user is deleted?

You could try the following alternative approach.

Instead of deleting the user, block the user and then have a flow to delete the session of a blocked user.

This should give time to delete the user session before deleting the user.
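
The ordering discussed in this thread (block first, clear sessions, remove groups last), as an added example that is not part of the original posts and not Okta's or Microsoft's code. It builds the ordered list of calls a flow would make from a host pool `userSessions` list response. Assumptions: the function names, the `IDP` step labels, the `api-version` value, and the `<hostPool>/<sessionHost>/<sessionId>` form of each session's `name` field.

```python
from urllib.parse import quote

ARM = "https://management.azure.com"
API_VERSION = "2023-09-05"  # assumption: use the api-version from the docs you follow


def session_url(sub, rg, session_name):
    """Build the ARM URL for one user session.

    session_name is the `name` field of a userSessions list entry,
    assumed to have the form "<hostPool>/<sessionHost>/<sessionId>".
    """
    pool, host, sid = session_name.split("/")
    return (f"{ARM}/subscriptions/{sub}/resourceGroups/{quote(rg)}"
            f"/providers/Microsoft.DesktopVirtualization/hostPools/{quote(pool)}"
            f"/sessionHosts/{quote(host)}/userSessions/{quote(sid)}")


def offboarding_plan(upn, sessions, sub, rg):
    """Return ordered (step, method, target) tuples for one leaver.

    Sessions are matched case-insensitively on userPrincipalName and are
    resolved before any group change, so the session ids are still known.
    """
    mine = [s for s in sessions
            if s["properties"].get("userPrincipalName", "").lower() == upn.lower()]
    plan = [("block-sign-in", "IDP", upn)]  # identity-provider step, not an ARM call
    for s in mine:
        url = session_url(sub, rg, s["name"])
        if s["properties"].get("sessionState") == "Active":
            plan.append(("disconnect", "POST", f"{url}/disconnect?api-version={API_VERSION}"))
        plan.append(("delete-session", "DELETE", f"{url}?api-version={API_VERSION}&force=true"))
    plan.append(("remove-groups", "IDP", upn))  # push-group removal goes last
    return plan


# Constructed sample of a host pool userSessions list response ("value" array).
SAMPLE = [
    {"name": "pool1/vm-0.example.test/3",
     "properties": {"userPrincipalName": "Leaver@example.test", "sessionState": "Active"}},
    {"name": "pool1/vm-1.example.test/7",
     "properties": {"userPrincipalName": "leaver@example.test", "sessionState": "Disconnected"}},
    {"name": "pool1/vm-1.example.test/9",
     "properties": {"userPrincipalName": "other@example.test", "sessionState": "Active"}},
]

if __name__ == "__main__":
    for step in offboarding_plan("leaver@example.test", SAMPLE, "00000000-0000-0000-0000-000000000000", "rg-avd"):
        print(*step)
```

In an Okta Workflows flow, each `POST`/`DELETE` tuple maps to one API connector call, and the two `IDP` entries mark where the block and the group removal sit relative to them.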