MicrosoftDocs
diff --git a/‎articles/active-directory/governance/check-workflow-execution-scope.md‎
Lines changed: 2 additions & 1 deletion b/‎articles/active-directory/governance/check-workflow-execution-scope.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎articles/active-directory/governance/lifecycle-workflow-extensibility.md‎
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory/governance/lifecycle-workflow-extensibility.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory/governance/lifecycle-workflow-tasks.md‎
Lines changed: 183 additions & 3 deletions b/‎articles/active-directory/governance/lifecycle-workflow-tasks.md‎
Lines changed: 183 additions & 3 deletions
@@ -14,7 +14,8 @@ ms.reviewer: krbain
 ms.collection: M365-identity-device-management
 ---
 
-# Check execution user scope of a workflow
+# Check execution user scope of a workflow 
+
 
 Workflow scheduling will automatically process the workflow for users meeting the workflows execution conditions. This article walks you through the steps to check the users who fall into the execution scope of a workflow. For more information about execution conditions, see: [workflow basics](../governance/understanding-lifecycle-workflows.md#workflow-basics).
 
 
@@ -13,7 +13,7 @@ ms.custom: template-concept
 ---
 
 
-# Lifecycle Workflows Custom Task Extension (Preview)
+# Lifecycle Workflows custom task extension
 
 
 Lifecycle Workflows allow you to create workflows that can be triggered based on joiner, mover, or leaver scenarios. While Lifecycle Workflows provide several built-in tasks to automate common scenarios throughout the lifecycle of users, eventually you may reach the limits of these built-in tasks. With the extensibility feature, you're able to utilize the concept of custom task extensions to call-out to external systems as part of a workflow. For example, when a user joins your organization you can have a workflow with a custom task extension that assigns a Teams number, or have a separate workflow that grants access to an email account for a manager when a user leaves. With the extensibility feature, Lifecycle Workflows currently support creating custom tasks extensions to call-out to [Azure Logic Apps](../../logic-apps/logic-apps-overview.md).
@@ -67,10 +67,10 @@ The response can be authorized in one of the following ways:
 The high-level steps for the Azure Logic Apps integration are as follows:
 
 > [!NOTE]
-> Creating a custom task extension and logic app through the Azure portal will automate most of these steps. For a guide on creating a custom task extension this way, see: [Trigger Logic Apps based on custom task extensions (Preview)](trigger-custom-task.md).
+> Creating a custom task extension and logic app through the Azure portal will automate most of these steps. For a guide on creating a custom task extension this way, see: [Trigger Logic Apps based on custom task extensions](trigger-custom-task.md).
 
 - **Create a consumption-based Azure Logic App**: A consumption-based Azure Logic App that is used to be called to from the custom task extension.
-- **Configure the Azure Logic App so its compatible with Lifecycle workflows**: Configuring the consumption-based Azure Logic App so that it can be used with the custom task extension. For more information, see: [Configure a Logic App for Lifecycle Workflow use (Preview)](configure-logic-app-lifecycle-workflows.md)
+- **Configure the Azure Logic App so its compatible with Lifecycle workflows**: Configuring the consumption-based Azure Logic App so that it can be used with the custom task extension. For more information, see: [Configure a Logic App for Lifecycle Workflow use](configure-logic-app-lifecycle-workflows.md)
 - **Build your custom business logic within your Azure Logic App**: Set up your business logic within the Azure Logic App using Logic App designer.
 - **Create a lifecycle workflow customTaskExtension which holds necessary information about the Azure Logic App**: Creating a custom task extension that references the configured Azure Logic App.
 - **Update or create a Lifecycle workflow with the “Run a custom task extension” task, referencing your created customTaskExtension**: Adding the newly created custom task extension to a new workflow, or updating the information to an existing workflow.
 
@@ -253,6 +253,96 @@ For Microsoft Graph, the parameters for the **Generate Temporary Access Pass and
 
 ```
 
+### Send email to notify manager of user move
+
+When a user moves within your organization Lifecycle Workflows allow you to send an email to the users manager notifying them of the move. You're also able to customize the email that is sent to the user's manager.
+
+:::image type="content" source="media/lifecycle-workflow-task/notify-user-move-task.png" alt-text="Screenshot of the notify manager of user move task.":::
+
+The Azure AD prerequisite to run the **Send email to notify manager of user move** task are:
+
+- A populated manager attribute for the user.
+- A populated manager's mail attribute for the user.
+
+For Microsoft Graph the parameters for the **Send email to notify manager of user move** task are as follows:
+
+|Parameter |Definition  |
+|---------|---------|
+|category    |  Mover      |
+|displayName     |  Send email to notify manager of user move (Customizable by user)       |
+|description     |  Send email to notify user’s manager of user move (Customizable by user)        |
+|taskDefinitionId     |   aab41899-9972-422a-9d97-f626014578b7      |
+
+```Example for usage within the workflow
+{
+            "category": "mover",
+            "continueOnError": true,
+            "displayName": "Send email to notify manager of user move",
+            "description": "Send email to notify user’s manager of user move",
+            "isEnabled": true,
+            "taskDefinitionId": "aab41899-9972-422a-9d97-f626014578b7",
+            "arguments": [
+                {
+                "name": "cc",
+                "value": "b47471b9-af8f-4a5a-bfa2-b78e82398f6e, a7a23ce0-909b-40b9-82cf-95d31f0aaca2"
+                },
+                {
+                "name": "customSubject",
+                "value": "Reminder that {{userDisplayName}} has moved."
+                },
+                {
+                "name": "customBody",
+                "value": "Hello {{managerDisplayName}}. \nThis is a reminder that {{userDisplayName}} has moved roles in the organization."
+                },
+                {
+                "name": "locale",
+                "value": "en-us"
+                },
+    ]
+}
+
+```
+
+### Request user access package assignment
+
+Allows you to request an access package assignment for users. Access packages are bundles of resources, with specific access, that a user would need to accomplish tasks. For more information on access packages, see [What are access packages and what resources can I manage with them?](entitlement-management-overview.md#what-are-access-packages-and-what-resources-can-i-manage-with-them).
+
+You're able to customize the task name and task description for this task. You must also select an access package that is provided to the user, and the access package policy.
+:::image type="content" source="media/lifecycle-workflow-task/request-user-access-package-assignment-task.png" alt-text="Screenshot of the request user access package assignment task.":::
+
+For Microsoft Graph, the parameters for the **Request user access package assignment** task are as follows:
+
+|Parameter |Definition  |
+|---------|---------|
+|category    |  joiner      |
+|displayName     |  Request user access package assignment (Customizable by user)        |
+|description     |  Request user assignment to selected access package (Customizable by user)       |
+|taskDefinitionId     |   c1ec1e76-f374-4375-aaa6-0bb6bd4c60be      |
+|arguments     |  Argument contains two name parameter that is the "assignmentPolicyId", and "accessPackageId".    |
+
+
+```Example for usage within the workflow
+{
+            "category": "joiner",
+            "description": "Request user assignment to selected access package",
+            "displayName": "Request user access package assignment",
+            "id": "c1ec1e76-f374-4375-aaa6-0bb6bd4c60be",
+            "parameters": [
+                {
+                    "name": "assignmentPolicyId",
+                    "values": [],
+                    "valueType": "string"
+                },
+                {
+                    "name": "accessPackageId",
+                    "values": [],
+                    "valueType": "string"
+                }
+            ]
+        }
+
+```
+
 ### Add user to groups
 
 
@@ -571,6 +661,96 @@ For Microsoft Graph, the parameters for the **Remove users from all teams** task
 
 ```
 
+### Remove access package assignment for user
+
+Allows you to remove an access package assignment from users. Access packages are bundles of resources, with specific access, that a user would need to accomplish tasks. For more information on access packages, see [What are access packages and what resources can I manage with them?](entitlement-management-overview.md#what-are-access-packages-and-what-resources-can-i-manage-with-them).
+
+You're able to customize the task name and description for this task in the Azure portal. You must also select the access package which you want to unassign from users.
+:::image type="content" source="media/lifecycle-workflow-task/remove-access-package-assignment-user-task.png" alt-text="Screenshot of the remove access package assignment for user task.":::
+
+For Microsoft Graph, the parameters for the **Remove access package assignment for user** task are as follows:
+
+|Parameter |Definition  |
+|---------|---------|
+|category    |  leaver      |
+|displayName     |  Remove access package assignment for user (Customizable by user)        |
+|description     |  Remove user assignment of selected access package (Customizable by user)        |
+|taskDefinitionId     |   4a0b64f2-c7ec-46ba-b117-18f262946c50      |
+|arguments     |  Argument contains a name parameter that is the "accessPackageId".   |
+
+
+```Example for usage within the workflow
+{
+            "category": "leaver",
+            "description": "Remove user assignment of selected access package",
+            "displayName": "Remove access package assignment for user",
+            "id": "4a0b64f2-c7ec-46ba-b117-18f262946c50",
+            "parameters": [
+                {
+                    "name": "accessPackageId",
+                    "values": [],
+                    "valueType": "string"
+                }
+            ]
+}
+```
+
+### Remove all access package assignments for user
+
+Allows you to remove all access package assignments from users. Access packages are bundles of resources, with specific access, that a user would need to accomplish tasks. For more information on access packages, see [What are access packages and what resources can I manage with them?](entitlement-management-overview.md#what-are-access-packages-and-what-resources-can-i-manage-with-them).
+
+You're able to customize the task name and description for this task in the Azure portal.
+:::image type="content" source="media/lifecycle-workflow-task/remove-all-access-package-assignment-user-task.png" alt-text="Screenshot of the remove all user access package assignment task.":::
+
+For Microsoft Graph, the parameters for the **Remove all access package assignments for user** task are as follows:
+
+|Parameter |Definition  |
+|---------|---------|
+|category    |  leaver      |
+|displayName     |  Remove all access package assignments for user (Customizable by user)        |
+|description     |  Remove all access packages assigned to the user (Customizable by user)        |
+|taskDefinitionId     |   42ae2956-193d-4f39-be06-691b8ac4fa1d      |
+
+
+```Example for usage within the workflow
+{
+            "category": "leaver",
+            "description": "Remove all access packages assigned to the user",
+            "displayName": "Remove all access package assignments for user",
+            "id": "42ae2956-193d-4f39-be06-691b8ac4fa1d",
+            "parameters": []
+}
+```
+
+
+### Cancel all pending access package assignment requests for user
+
+Allows you to remove all access package assignments from users. Access packages are bundles of resources, with specific access, that a user would need to accomplish tasks. For more information on access packages, see [What are access packages and what resources can I manage with them?](entitlement-management-overview.md#what-are-access-packages-and-what-resources-can-i-manage-with-them).
+
+You're able to customize the task name and description for this task in the Azure portal.
+:::image type="content" source="media/lifecycle-workflow-task/cancel-all-pending-access-package-assignments-task.png" alt-text="Screenshot of the cancel all pending access package assignments requests for a user task.":::
+
+For Microsoft Graph, the parameters for the **Cancel all pending access package assignment requests for user** task are as follows:
+
+|Parameter |Definition  |
+|---------|---------|
+|category    |  leaver      |
+|displayName     |  Cancel pending access package assignment requests for user (Customizable by user)        |
+|description     |  Cancel all pending access packages assignment requests for the user (Customizable by user)        |
+|taskDefinitionId     |   498770d9-bab7-4e4c-b73d-5ded82a1d0b3      |
+
+
+```Example for usage within the workflow
+{
+            "category": "leaver",
+            "description": "Cancel all pending access packages assignment requests for the user",
+            "displayName": "Cancel pending access package assignment requests for user",
+            "id": "498770d9-bab7-4e4c-b73d-5ded82a1d0b3",
+            "parameters": []
+}
+```
+
+
 ### Remove all license assignments from User
 
 Allows all direct license assignments to be removed from a user. For group-based license assignments, you would run a task to remove the user from the group the license assignment is part of.
@@ -632,7 +812,7 @@ For Microsoft Graph, the parameters for the **Delete User** task are as follows:
 
 ```
 
-## Send email to manager before user's last day
+### Send email to manager before user's last day
 
 Allows an email to be sent to a user's manager before their last day. You're able to customize the task name and the description for this task in the Azure portal.
 :::image type="content" source="media/lifecycle-workflow-task/send-email-before-last-day.png" alt-text="Screenshot of Workflows task: send email before user last day task.":::
@@ -682,7 +862,7 @@ For Microsoft Graph the parameters for the **Send email before user's last day**
 
 ```
 
-## Send email on user's last day
+### Send email on user's last day
 
 Allows an email to be sent to a user's manager on their last day. You're able to customize the task name and the description for this task in the Azure portal.
 :::image type="content" source="media/lifecycle-workflow-task/send-email-last-day.png" alt-text="Screenshot of Workflows task: task to send email last day.":::
@@ -731,7 +911,7 @@ For Microsoft Graph, the parameters for the **Send email on user last day** task
 
 ```
 
-## Send email to user's manager after their last day
+### Send email to user's manager after their last day
 
 Allows an email containing off-boarding information to be sent to the user's manager after their last day. You're able to customize the task name and description for this task in the Azure portal.
 :::image type="content" source="media/lifecycle-workflow-task/offboard-email-manager.png" alt-text="Screenshot of Workflows task: send off-boarding email to users manager after their last day.":::