Note: Please ensure you have read Part One and Part Two in this series before continuing


In Part Two we

Reader Activity Review
1. We successfully created our first action.
2. We configured the input for the action.
3. We configured our output, or return value for the action.

Assuming you have completed the above steps we are in a position to create our Authentication action and test it out.

Getting Organised

Firstly let us create a new folder to store our authentication action in.

Reader Activity – Create Folder
1. Log in to VMware vRO.
2. Select Design mode from th dropdown at the top.
3. Select the Actions tab.
4. Create a new folder called

5. Create a new action called AuthenticateToMicrosoftGraph



Below you will see the code for our authentication action. The action requires a string input known in the code below as jsonInput. The return type is set to string.

var jsonInputRootObject = JSON.parse(jsonInput);
var jsonInputObject = jsonInputRootObject.Configuration;

var requestMethod = "POST";
var restHost = RESTHostManager.createHost("dynamicRequest");
httpRestHost = RESTHostManager.createTransientHostFrom(restHost);
httpRestHost.operationTimeout = 60;
httpRestHost.connectionTimeout = 30;
httpRestHost.hostVerification = false;
httpRestHost.url = "" + jsonInputObject.TenantId;

var body = "grant_type=password&username=" + jsonInputObject.Username 
+ "&password=" + jsonInputObject.Password 
+ "&client_id=" + jsonInputObject.ClientId 
+ "&resource=" + jsonInputObject.ClientSecret;

var request = httpRestHost.createRequest(requestMethod, "/oauth2/token", body);
request.setHeader("Content-Type", "application/x-www-form-urlencoded");

var response = request.execute();
var jsonResponse = JSON.parse(response.contentAsString);

return JSON.stringify(jsonResponse);

As you can see, the input provides the Tenant ID, Username, Password, ClientId and Secret, all required to authenticate. We configure the correct header information and execute the request. We then return the JSON content response as a string out of the action.

Wrapping Up

What I tend to do is create a workflow to manage the Authentication and Obtain Token steps. This workflow uses the ConfigToJsonTransformer and AuthenticateToObtainToken actions. Following the actions, I use a simple script to create a single JSON object that will hold the resulting authentication token and information, as well as the configuration information.

Reader Activity – Create Wrapper Workflow
1. Log in to VMware vRO.
2. Select Design mode from the dropdown at the top.
3. Select the Workflow tab.
4. In a suitable location, create a new workflow called AuthenticateAndObtainToken
5. Add the ConfigToJsonTransformer and AuthenticateToMicrosoftGraph actions on to the canvas
6. Add a new script object on to the canvas called Build Final Json

The canvas should now look like the following

From the General tab of the workflow, ensure the following Attributes exist with the following settings



From the Outputs tab of the workflow, ensure the following Output Parameter exists



From the Schema tab of the workflow, edit the Build Final Json script object and insert the following code on the Scripting tab

var authJson = {};
authJson.Authentication = JSON.parse(authenticationInformation);

var confJson = {};
confJson.Configuration = JSON.parse(configJson);

var output = {};
output.Authentication = JSON.parse(authenticationInformation);
output.Configuration = JSON.parse(configJson);

outputJson = JSON.stringify(output);


Visual Bindings

We need to configure the Visual Bindings between our objects on the Canvas. By selecting each of the objects in turn from the Schema view and clicking the Visual Binding tab, configure as follows

Visual Bindings for ConfigToJsonTransformer


Visual Bindings for AuthenticationToMicrosoftGraph


Visual Bindings for Build Final Json Script


Execute the workflow

Execute the workflow and (if everything has been configured properly) you should see a green tick next to the workflow. If you check the Logs on that run you will see that the Authentication request was successful.


Next Steps

Now you can authenticate and obtain your token to Office365 you can start creating workflows and actions to carry out tasks such as creating a user. You can follow a pattern similar to that in these three series posts.

You can also download this zip file which contains the work from this series of blog posts as well as an example workflow that will obtain information about users in your Office365 organisation.

Go Automate!



CIO at Sonar, Automation Practice Lead at Xtravirt and guitarist in The Waders. Loves IT, automation, programming, music