Skip to main content

Data retrieved by Microsoft Entra ID connector

Data retrieved by the Microsoft Entra ID connector that is stored by Snow.

User

API property	Description
accountEnabled	`true` if the account is enabled; otherwise, `false`
displayName	The name displayed in the address book for the user. This is usually the combination of the user's first name, middle initial and last name.
givenName	The given name (first name) of the user.
id	The unique identifier for the user.
mail	The SMTP address for the user.
surname	The user's surname (family name or last name).
userPrincipalName	The user principal name (UPN) of the user.
userType	A string value that can be used to classify user types in your directory, such as Member and Guest.
createdDateTime	The created date of the user object.
deletedDateTime	The date and time the user was deleted.
country	The country/region in which the user is located; for example, US or UK.
department	The name for the department in which the user works.
employeeOrgData.costCenter	The cost center associated with the user.
externalUserState	For an external user invited to the tenant using the invitation API, this property represents the invited user's invitation status.
jobTitle	The user's job title.
onPremisesLastSyncDateTime	Indicates the last time at which the object was synced with the on-premises directory.
onPremisesSyncEnabled	Three states: `true` if this object is synced from an on-premises directory `false` if this object was originally synced from an on-premises directory but is no longer synced `null` if this object has never been synced from an on-premises directory (default)
onPremisesDistinguishedName	Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.

Group

API property	Description
displayName	The display name for the group.
description	An optional description for the group.
groupTypes	Specifies the group type and its membership.
id	The unique identifier for the group.
mail	The SMTP address for the group, for example, `serviceadmins@companyemail.com`.
mailEnabled	Specifies whether the group is mail-enabled.
membershipRule	The rule that determines members for this group if the group is a dynamic group.
securityEnabled	Specifies whether the group is a security group.
visibility	Specifies the group join policy and group content visibility for groups.
createdDateTime	Timestamp of when the group was created.
expirationDateTime	Timestamp of when the group is set to expire.
deletedDateTime	Timestamp of when the group was deleted.
renewedDateTime	Timestamp of when the group was last renewed.
onPremisesSyncEnabled	Three states: `true` if this group is synced from an on-premises directory `false` if this group was originally synced from an on-premises directory but is no longer synced `null` if this group has never been synced from an on-premises directory (default)
onPremisesLastSyncDateTime	Indicates the last time at which the group was synced with the on-premises directory.

CredentialUserRegistration

API property	Description
userPrincipalName	Provides the user principal name of the corresponding user.
isRegistered	Indicates whether the user has registered any authentication methods for self-service password reset.
isEnabled	Indicates whether the user enabled to perform self-service password reset.
isCapable	Indicates whether the user is ready to perform self-service password reset or MFA.
isMfaRegistered	Indicates whether the user is registered for MFA.
authMethods	Represents the authentication method that the user has registered.