We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Azure AD CreateGroupJSON parameter to distinguish PUBLIC from PRIVATE groups

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on January 14 2022 at 14:10 UTC

We are able to create groups in MS Teams Azure AD through the AzureAD connector's interface for CreateGroupJSON. That works fine. The issue we are facing is that it creates a PUBLIC group in Teams by default, allowing all users access to see it. We have a requirement to ensure these groups are created with a PRIVATE flag, making them invisible to the Teams population.


Is there a parameter that we might be able to specify either in the connector or elsewhere to ensure the group is made PRIVATE?


This is our CreateGroupJSON:


{

   "connection":"userAuth",

   "url":"https://graph.microsoft.com/v1.0/groups",

   "httpMethod": "POST",

   "httpParams": "{ \"description\":\"${roles.description}\", \"displayName\":\"${roles.displayname}\", \"groupTypes\":[ \"${(roles.customproperty21=='Office365')?'Unified':''}\" ], \"mailEnabled\":\"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\":\"${roles.displayname}\", \"securityEnabled\":\"${roles.customproperty23 == '1' ? true : false}\", \"owners@odata.bind\":[ \"${allOwner}\" ] }",

   "httpHeaders": {

      "Authorization": "${access_token}",

      "Content-Type": "application/json"

   },

   "httpContentType": "application/json"

}


Below are 2 snippet images:


1.  From a Teams admin listing the bogus groups that Saviynt created, which are shown as PUBLIC, and which we'd like to provision as PRIVATE by default, in case this image helps:


image


2.  From a regular user listing what I believe needs to happen, though this is from a different Teams area.


image


Thanks, Tessa



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
2 REPLIES 2

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on January 24 2022 at 12:48 UTC

Hi Tessa, 


Thank you for posting your question,


You can make use of "visibility": "Private" to solve this problem. Also please go through the below microsoft documentation on group creation for reference. 


https://docs.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0&tabs=http


Thanks & Regards, 

Belwyn.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on January 24 2022 at 18:32 UTC

I added that visibility parameter to the Saviynt CreateAccountJSON field, and tested it. It worked!


Thanks, Tessa

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.