Skip to main content
This action automates the complex process of setting up new users in Microsoft 365 or removing departing users. It handles everything from creating accounts and assigning licenses to managing mailboxes and updating your PSA records.
Automating user lifecycle management saves significant time, reduces errors, and ensures security protocols are consistently followed. No more manually creating accounts, forgetting to block departing users, or missing steps in your onboarding/offboarding checklist.
This action is available only as a triggered action in workflows.

Quick start

1

Choose process type

Select whether you’re onboarding a new user or offboarding a departing user.
2

Configure approval settings

Set up human approval via Teams before making any changes (highly recommended for security).
3

Select process steps

Choose which steps to enable: account creation, license management, group membership, mailbox handling, etc.
4

Add custom instructions

Provide specific guidance for unique scenarios or company-specific requirements.

How it works

This action manages comprehensive user lifecycle processes:
  1. Analyzes the request - Reviews ticket content to understand onboarding/offboarding requirements
  2. Creates execution plan - Develops step-by-step plan based on your configuration
  3. Requests approval - Sends approval request to designated approvers if enabled
  4. Executes M365 changes - Creates/removes accounts, manages licenses, handles groups
  5. Manages security - Blocks access, handles device wipes, manages mailbox conversion
  6. Updates records - Creates/deactivates PSA contacts and updates ticket information

Setup

Process type: Choose what you want to accomplish:
  • Onboard a User: Set up a new employee with M365 access
  • Offboard a User: Remove departing employee and secure their data
Approval settings: Have designated people review and approve requests before execution. Select who gets approval requests in Teams. License management: Choose how to handle Microsoft licenses:
  • Direct Microsoft: Manage licenses directly through Microsoft
  • Pax8: Use your Pax8 account for license management
  • Microsoft Partner Center: Use Partner Center for licensing
Password handling (onboarding): Choose how new passwords are shared:
  • Secure Link: Create a one-time password link via Password Pusher
  • Direct Message: Include password directly in messages
  • No Sharing: Don’t share passwords automatically
Process steps: Control which steps happen during onboarding or offboarding. Custom instructions (optional): Provide specific instructions for unique scenarios or company-specific requirements.

What you get

After the action runs, you’ll see a complete log of all steps taken during the onboarding/offboarding process, detailed reports for your team about what was accomplished, appropriate communications for the end user (like new account details), any ticket updates that were applied, and confirmation of whether the process completed successfully.

Common use cases

Automate complete M365 setup for new hires including account creation, license assignment, group membership, and PSA contact creation.
Secure offboarding with access blocking, mailbox conversion, license removal, and device wipes while preserving important data.
Create limited access accounts for temporary contractors with basic licenses and contractor-specific group memberships.
Update group memberships, adjust license assignments, and update PSA contact details when employees move between departments.

Best practices

Enable approval workflows for all user lifecycle changes. This provides essential oversight and prevents accidental changes.
Configure onboarding and offboarding steps to match your organization’s procedures. Start with basic steps and add more as you gain confidence.
Try the action with test user accounts before using it for real employees to ensure processes work as expected.
Use custom instructions to handle unique scenarios or company-specific requirements that aren’t covered by standard steps.
Ensure your HR team understands the process and provides clear, complete information in tickets for best results.
If using Pax8 or Partner Center, ensure your license management integration is properly configured and monitored.

Example workflows

  1. Trigger: HR submits ticket for new hire
  2. Onboard M365 User - Create account, assign licenses, add to groups, create PSA contact
  3. Notify Internal Team - Alert IT and HR about completion
  4. Result: Complete M365 setup ready for employee’s first day
  1. Trigger: Employee departure ticket created
  2. Offboard M365 User - Block access, convert mailbox, remove licenses, wipe devices
  3. Add Ticket Note - Document all security steps taken
  4. Notify Internal Team - Confirm secure offboarding completion
  5. Result: Comprehensive security measures with complete documentation
  1. Trigger: Contractor setup/removal ticket
  2. Onboard/Offboard M365 User - Limited access setup or secure removal
  3. Update Ticket Fields - Mark completion and update contract tracking
  4. Result: Controlled access management for temporary workers