Action Credentials for People actions

From the Actions menu, at the top-right of the people details page, you can select predefined actions related to the person in question.

To execute these actions, Ivanti Neurons needs credentials with the correct set of permissions.
These permissions might not be identical to what a connector needs to synchronize data into Ivanti Neurons.
And from a security perspective, you may not want a connector to always have the privileges needed to perform actions when it is only synchronizing data.

To accommodate this, connectors that can be used to perform actions have a separate set of Action Credentials. Please make sure that the credentials you provide, have the permissions that are required to execute the available actions.
Action Credentials are specified in the connector settings, under Action details.

Performing actions for Microsoft Azure Active Directory

The Microsoft Azure Active Directory connector can synchronize data if it has permissions to read and export user information (for details, go to Microsoft Entra ID connector).
In contrast, to perform the actions in the people details page, you must create an app in Azure Active Directory with the following permissions:

  • User.ReadWrite.All
  • User.ManageIdentities.All
  • Directory.ReadWrite.All
  • Directory.AccessAsUser.All

For information on creating the app, see How to set up an Azure Active Directory (AD) or Azure Intune Connector

Credentials

To specify the credentials, you need the following data for the app you create in Azure Active Directory :

  • Directory (tenant) ID: The ID of the tenant you created in Azure Active Directory.
  • Application (client) ID: The ID of the application you created in Azure Active Directory.
  • Client secret: The client secret associated with the application you created in Azure Active Directory.

This data can be:

  • filled as Action Credentials on the Microsoft Azure Active Directory connector. For details, go to Microsoft Entra ID connector.
    or
  • used to create separate Azure AD (Cloud) credentials. For details, go to Credentials.