> ## Documentation Index > Fetch the complete documentation index at: https://docs.tracecat.com/llms.txt > Use this file to discover all available pages before exploring further. # Microsoft Entra > Reference for the Tracecat Microsoft Entra integration: registered actions, required secrets, expected inputs, and example workflow usage. ## Add user to group Action ID: `tools.microsoft_entra.add_user_to_group` Add a Microsoft Entra ID user to a group. Reference: [https://learn.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the group. The unique identifier of the user (directory object) to add. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Create group Action ID: `tools.microsoft_entra.create_group` Create a Microsoft Entra ID group. Reference: [https://learn.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields Properties for the new group resource (displayName, mailEnabled, mailNickname, securityEnabled, etc.). Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Create user Action ID: `tools.microsoft_entra.create_user` Create a Microsoft Entra ID user account. Reference: [https://learn.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields User properties for the request body (e.g. accountEnabled, displayName, mailNickname, userPrincipalName, passwordProfile). Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Delete group Action ID: `tools.microsoft_entra.delete_group` Delete a Microsoft Entra ID group. Reference: [https://learn.microsoft.com/en-us/graph/api/group-delete?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-delete?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the group to delete. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Delete user Action ID: `tools.microsoft_entra.delete_user` Delete a Microsoft Entra ID user. Reference: [https://learn.microsoft.com/en-us/graph/api/user-delete?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/user-delete?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the user to delete. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Get group Action ID: `tools.microsoft_entra.get_group` Retrieve details for a Microsoft Entra ID group. Reference: [https://learn.microsoft.com/en-us/graph/api/group-get?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-get?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the group to retrieve. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. Optional related entities to expand in the response. Default: `null`. Optional set of group properties to return. Default: `null`. ## Get user Action ID: `tools.microsoft_entra.get_user` Retrieve details for a Microsoft Entra ID user. Reference: [https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the user to retrieve. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. Optional related entities to expand in the response. Default: `null`. Optional set of user properties to return. Default: `null`. ## Get user ID by email Action ID: `tools.microsoft_entra.get_user_id_by_email` Get a user's ID by searching for their email address in mail or userPrincipalName. Reference: [https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The email address to search for. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## List groups Action ID: `tools.microsoft_entra.list_groups` List Microsoft Entra ID groups with optional OData queries. Reference: [https://learn.microsoft.com/en-us/graph/api/group-list?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-list?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. Set ConsistencyLevel=eventual for advanced queries when required by Microsoft Graph. Default: `false`. Optional related entities to expand in the response. Default: `null`. Optional OData \$filter expression. Default: `null`. Optional maximum page size to request via Prefer=odata.maxpagesize. Default: `null`. Optional OData \$orderby expression. Default: `null`. Optional search phrase. Use quoted property names as documented, for example "displayName:Engineering". Default: `null`. Optional set of group properties to return. Default: `null`. Opaque continuation token from a previous response (\$skiptoken). Default: `null`. Maximum number of results to return in a single page (\$top). Default: `null`. ## List users Action ID: `tools.microsoft_entra.list_users` List Microsoft Entra ID users with optional OData query parameters. Reference: [https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. Set ConsistencyLevel=eventual for advanced queries when required by Microsoft Graph. Default: `false`. Include @odata.count in the response by setting \$count=true. Default: `false`. Optional related entities to expand in the response. Default: `null`. Optional OData \$filter expression. Default: `null`. Optional maximum page size to request via Prefer=odata.maxpagesize. Default: `null`. Optional OData \$orderby expression. Default: `null`. Optional search phrase. Use quoted property names per Microsoft Graph syntax, for example "displayName:Alex". Default: `null`. Optional set of user properties to return. Default: `null`. Opaque continuation token from a previous response (\$skiptoken). Default: `null`. Maximum number of results to return in a single page (\$top). Default: `null`. ## Remove user from group Action ID: `tools.microsoft_entra.remove_user_from_group` Remove a Microsoft Entra ID user from a group. Reference: [https://learn.microsoft.com/en-us/graph/api/group-delete-members?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-delete-members?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the group. The unique identifier of the user (directory object) to remove. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Update group Action ID: `tools.microsoft_entra.update_group` Update properties on a Microsoft Entra ID group. Reference: [https://learn.microsoft.com/en-us/graph/api/group-update?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/group-update?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields The unique identifier of the group to update. Group properties to update as defined in the Microsoft Graph group resource. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`. ## Update user Action ID: `tools.microsoft_entra.update_user` Update properties on a Microsoft Entra ID user. Reference: [https://learn.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0) ### Secrets Optional secrets: * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_USER_TOKEN`. * `microsoft_entra_oauth`: OAuth token `MICROSOFT_ENTRA_SERVICE_TOKEN`. ### Input fields User properties to update as defined in the Microsoft Graph user resource. The unique identifier of the user to update. Microsoft Graph API version. Default: `"v1.0"`. Base URL for the Microsoft Graph API. Default: `"https://graph.microsoft.com"`. Allowed values: `https://graph.microsoft.com`, `https://graph.microsoft.us`.