Revoke-Entra ID SignInSessions alert trigger
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Content Index
This playbook will revoke all signin sessions for the user using Graph API. It will send an email to the user's manager.
Logic App Connectors
This playbook uses 4 Logic App connectors / built-in actions:
Action parameters (URLs, paths, function IDs)
| Action |
Method |
Endpoint |
Other |
| Alert_-_Get_incident |
get |
/Incidents/subscriptions/@{encodeURIComponent(triggerBody()?['WorkspaceSubscriptionId'])}/resourceGroups/@{encodeURIComponent(triggerBody()?['WorkspaceResourceGroup'])}/workspaces/@{encodeURIComponent(triggerBody()?['WorkspaceId'])}/alerts/@{encodeURIComponent(triggerBody()?['SystemAlertId'])} |
— |
| Entities_-_Get_Accounts |
post |
/entities/account |
— |
| Add_comment_to_incident_(V3) |
post |
/Incidents/Comment |
— |
| Action |
Method |
Endpoint |
Other |
| Send_an_email_(V2) |
post |
/v2/Mail |
— |
| Action |
Method |
Endpoint |
Other |
| Get_manager_(V2) |
get |
/codeless/v1.0/users/@{encodeURIComponent(concat(items('For_each')?['Name'], '@', items('for_each')?['UPNSuffix']))}/manager |
— |
http (Built-in)
| Action |
Method |
Endpoint |
Other |
| HTTP |
POST |
https://graph.microsoft.com/v1.0/users/@{concat(items('For_each')?['Name'], '@', items('for_each')?['UPNSuffix'])}/revokeSignInSessions |
— |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Playbooks · Back to Microsoft Entra ID