🧵 Just recorded an AMAZING episode on extending Microsoft Entra ID Jan Bakker is a wizard at automating Entra and making it do new things! Here are 7 tips from the king of Entra automation: 👇

2️⃣ The Undervalued Trigger Office 365 Groups connector (yes, it works for Security Groups too) Trigger on membership changes → entire automation frameworks Dynamic groups auto-populate → Logic App fires → magic happens ✨

3️⃣ Event Hub Pattern Forward audit logs to Event Hub (not Log Analytics) 1-day retention = pennies Real-time triggers Conditional processing (only fire on specific events)

4️⃣ Graph API First Microsoft ships APIs 6 months before portal UI Learn to read Graph docs = ship features TODAY Example: TAP API existed, no UI → Jan built Power App → customers deployed in 2 hours → MS added UI 3 months later

5️⃣ Dynamic Groups = Intelligence Not just for license assignment! Disabled accounts → auto-revoke tokens MFA changes → notification group Guest patterns → allow/block CA policies Stale accounts → cleanup workflow P1/P2 feature, infinite use cases 🎯

6️⃣ Self-Service + Automation mygroups.microsoft.com = built-in request/approve Add Office 365 Groups trigger → extend with Logic Apps Request access → approval flow → downstream actions No Power App needed for simple scenarios! 🤯

7️⃣ The Mindset "Can I do X?" → YES The building blocks exist: ✅ Graph API (backend) ✅ Logic Apps (orchestration) ✅ Event Hub (triggers) ✅ Dynamic Groups (intelligence) ✅ HTTP connector (unlimited integration) You're just rearranging Lego blocks 🧱