Skip to content
Tallyfy

Automating Microsoft Entra ID with Power Automate

Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based identity service. Power Automate pairs well with it for automating repetitive identity admin tasks - especially when you’re managing Tallyfy members and their access through SSO.

Why automate Entra ID for Tallyfy

Power Automate can handle the busywork: onboarding users who need Tallyfy access, removing people when they leave, managing group-based roles, and generating compliance reports.

  • Sync members automatically: When your Tallyfy member list ties to Entra ID groups, Power Automate adds and removes users for you.
  • Control access through SSO: Link Tallyfy SSO to Entra ID security groups, then let Power Automate manage group membership.
  • Generate compliance reports: Pull Entra ID group membership data for quarterly access reviews in seconds.

Key Entra ID actions for Tallyfy integration

Here’s what Power Automate offers for Entra ID and Tallyfy:

  • Entra ID Connector: The main tool for user and group operations affecting Tallyfy access. See understanding Power Automate basics for connector fundamentals.
    • Get user profile (V2) and Get manager (V2): Pull user details for Tallyfy task assignments.
    • Create user, Update user, Delete user: Automate the full user lifecycle - joining, changing roles, or leaving.
    • Add user to group, Remove user from group: Control which Entra ID groups grant Tallyfy access.
    • List group members, List users: Build “who has access to what” reports.
  • Office 365 Groups Connector: Useful if you organize teams needing Tallyfy access through Microsoft 365 Groups.
  • HTTP with Microsoft Graph API (Advanced): For anything the standard connectors can’t handle - like pulling custom user attributes for Tallyfy role assignments. See connecting Power Automate to external data.

Example - add a new Tallyfy member to an Entra ID group

Scenario: Sales members joining Tallyfy should be automatically added to a “Tallyfy Users” Entra ID security group.

This assumes you have a trigger for when someone joins Tallyfy. Tallyfy supports webhooks for member events (like user invited and user activated), or you could use an HR system trigger. For this demo, we’ll use a manual trigger.

  1. Trigger: Manually trigger a flow (for demo purposes).

    • Add input fields: User Email (Text), Job Title (Text).

  2. Action: Entra ID - “Get user (V2)”.

    • User UPN or ID: Use User Email from the trigger. This retrieves the user’s Entra ID profile, including the Object ID you’ll need for group management.

  3. Control: “Condition”.

    • See using conditional logic for details.
    • Value 1: Job Title from the trigger.
    • Operator: contains (or is equal to for exact matches).
    • Value 2: Sales.

  4. IF YES branch: Entra ID - “Add user to group”.

    • Group Id: The Object ID of your “Tallyfy Sales Users” security group (find it in Azure portal under Microsoft Entra ID > Groups).
    • User Id: The Id (Object ID) from the “Get user (V2)” output.

  5. Save and test. See managing and monitoring flows for testing tips.

Example - monthly Tallyfy access review report

Scenario: You need a monthly CSV report of everyone in your “Tallyfy General Access” Entra ID group, emailed automatically.

  1. Trigger: Recurrence.

    • Interval: 1, Frequency: Month.
    • Pick a specific day and time.

  2. Action: Entra ID - “List group members”.

    • Group Id: The Object ID of your “Tallyfy General Access” group.

  3. Action: “Create CSV table” (Data Operation).

    • See working with data operations and variables for help.
    • From: The value output from “List group members” (an array of users).
    • Columns: Choose Custom.
      • Header 1: UserPrincipalName, Value: User Principal Name.
      • Header 2: DisplayName, Value: Display Name.

  4. Action: “Send an email (V2)” (Outlook 365).

    • To: Administrator’s email.
    • Subject: Monthly Tallyfy User Access Review Report.
    • Body: Monthly report of users in the 'Tallyfy General Access' group.
    • Under Show advanced options:
    • Attachments Name - 1: TallyfyUserReport.csv.
    • Attachments Content - 1: Output from the “Create CSV table” action.

  5. Save and test.

HTTP connector for advanced Entra ID tasks

When the standard connector falls short - say you need custom user properties for Tallyfy role assignments - use the HTTP action with Microsoft Graph API. Full details in connecting Power Automate to external data.

You’ll need to set up:

  1. App Registration in Entra ID with the right API permissions.
  2. Secure credentials in your HTTP action.
  3. HTTP Action Configuration - method, URI, headers, and body for Graph API calls.
  4. Parse JSON Action to make the response usable in your flow.

This approach requires familiarity with Entra ID app registrations and Graph API, but it opens up far more flexibility.

Tips for Tallyfy and Entra ID automation

  • Least privilege: Give API permissions and service accounts only what they need.
  • Use Object IDs, not display names: Display names change. Object IDs don’t. Always reference groups by Object ID in your flows.
  • Test with real permissions: If regular users run these flows, test under their account - not your admin credentials.
  • Automate the full lifecycle: Hook into Entra ID lifecycle events to provision and deprovision Tallyfy members automatically. This pairs well with SSO.

Middleware > Power Automate

Microsoft Power Automate serves as a no-code bridge between Tallyfy and your other business systems—including Office 365 and SharePoint and Dynamics—using a Premium-tier OAuth 2.0 connector with 13 actions to sync data and automatically launch processes or complete tasks based on events happening across your entire software stack.

Authentication > Integrate Microsoft Entra ID SSO

Tallyfy integrates with Microsoft Entra ID (formerly Azure Active Directory) for SAML-based single sign-on by having an admin create an enterprise app in Entra ID and exchange SAML configuration values and certificates with Tallyfy Support so that users can log in automatically and get accounts provisioned on first access.

Power Automate > Connect Tallyfy to Power Automate

Tallyfy’s Premium connector for Microsoft Power Automate lets you link Tallyfy with Office 365 and thousands of other apps by simply searching for “Tallyfy” in Power Automate and signing in with OAuth 2.0 to start automating workflows in both directions.

Power Automate > Understanding Power Automate basics

Power Automate connects Tallyfy to your other business apps by using triggers and actions to automatically launch processes and create tasks based on external events like emails or CRM updates while Tallyfy handles the human side of structured workflow management and collaboration.
Get in touch
About Tallyfy