Deploy a sample logic app to use as an Entitlement Management custom extension

This template creates a simple logic app with the authorization policy settings and the HTTP trigger schema that the Azure AD entitlement management custom action API requires.

Below are the parameters that the template expects.

| Name | Description |
| --- | --- |
| name | Name for the logic app. |
| catalogId | CatalogId of the Azure AD entitlement management catalog where you are going to use this logic app. |
| resourceApplicationId | Azure AD application ID that entitlement management uses as the resource in the token. It is added to the logic app's authorization settings, which verify it as the audience. |

The ARM template then does the following:

  • Creates a logic app.
  • Adds authorization policy settings to verify the Entitlement Management call.
  • The policy setting contains the Entitlement Management first-party appid (810dcf14-1858-4bf2-8134-4c369fa3235b), which verifies that it is Entitlement Management calling this logic app.
  • Finally, adds a schema to the HTTP trigger that matches the message schema used by Entitlement Management.
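
A pre-deployment check for the authorization settings listed above, as an added example that is not part of the template or the project's own code. It assumes the Logic Apps ARM layout `properties.accessControl.triggers.openAuthenticationPolicies` and that `aud` is bound to the `resourceApplicationId` parameter; the sample template is constructed and the policy name `elm-policy` is hypothetical.

```python
import copy

# Entitlement Management first-party appid, as stated on this page.
ELM_APPID = "810dcf14-1858-4bf2-8134-4c369fa3235b"
# Assumption: the template binds the aud claim to this parameter expression.
AUD_EXPR = "[parameters('resourceApplicationId')]"

# Constructed sample: a trimmed workflow resource, not the template's own contents.
SAMPLE = {"resources": [{
    "type": "Microsoft.Logic/workflows",
    "name": "[parameters('name')]",
    "properties": {"accessControl": {"triggers": {"openAuthenticationPolicies": {
        "policies": {"elm-policy": {"type": "AAD", "claims": [
            {"name": "aud", "value": AUD_EXPR},
            {"name": "appid", "value": ELM_APPID},
        ]}}}}}},
}]}

def audit_workflow_auth(template, expected_aud=AUD_EXPR):
    """Return findings; an empty list means every policy pins both appid and aud."""
    findings = []
    for res in template.get("resources", []):
        if res.get("type") != "Microsoft.Logic/workflows":
            continue
        name = res.get("name", "<unnamed>")
        policies = (res.get("properties", {}).get("accessControl", {})
                    .get("triggers", {}).get("openAuthenticationPolicies", {})
                    .get("policies", {}))
        if not policies:
            findings.append(f"{name}: trigger has no authorization policy")
        # Every policy is checked on its own: a caller only has to satisfy one.
        for pname, policy in policies.items():
            claims = {c.get("name"): c.get("value") for c in policy.get("claims", [])}
            if policy.get("type") != "AAD":
                findings.append(f"{name}/{pname}: policy type is not AAD")
            if claims.get("appid") != ELM_APPID:
                findings.append(f"{name}/{pname}: appid is not pinned to Entitlement Management")
            if claims.get("aud") != expected_aud:
                findings.append(f"{name}/{pname}: aud is not {expected_aud}")
    return findings

def weakened_sample():
    """Constructed negative case: the same template with the appid claim dropped."""
    bad = copy.deepcopy(SAMPLE)
    policy = bad["resources"][0]["properties"]["accessControl"]["triggers"][
        "openAuthenticationPolicies"]["policies"]["elm-policy"]
    policy["claims"] = [c for c in policy["claims"] if c["name"] != "appid"]
    return bad
```

Run `audit_workflow_auth` over the parsed template JSON in CI before deployment and fail the build on any finding.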

Tags: Microsoft.Logic/workflows, Request, object, string, If, AAD