• Overview
  • Configuration

Related-apps

Nintex

Automate complex workflow user provisioning and reduce IT overhead.

Identity provisioningiPaaS

Integrating Nintex with Active Directory using ADManager Plus enables seamless identity orchestration across your business process automation workflows. As users are added, updated, or removed in Active Directory, this integration ensures that their access to Nintex remains accurate and timely. By connecting directory-based identity management with process automation, organizations can streamline provisioning, prevent access mismatches, and maintain control over who can initiate or participate in critical workflows.

 

Frictionless onboarding

Automatically create Nintex accounts when users are added in AD, ensuring immediate access to assigned workflows.

 

Role-based access updates

Sync role or group changes from AD to Nintex to maintain accurate permissions across evolving responsibilities.

 

Clean deprovisioning

Instantly revoke access in Nintex when users are disabled or removed from AD, avoiding unauthorized workflow actions.

 

How to configure Nintex integration in ADManager Plus

Prerequisites:

Nintex uses OAuth 2.0 to authorize API requests. Please ensure to provide the client_id and client_secret with permissions to retrieve desired information and perform tasks in Nintex. Refer to the Nintex API references page for more details.

Privileges:

  • To import users from Nintex (Inbound action): Ensure the account used for authorization has permission to read all user accounts.
  • To perform any action or query in Nintex (Outbound Action): Ensure the account used for authorization has permission to perform the desired action.
Note: ADManager Plus comes with pre-configured set of APIs that helps perform basic actions with the integration. If the action you require is not available, please gather the necessary API details from Nintex API documentation to configure under inbound/ outbound webhooks to perform the required actions.

Authorization configuration

  • Log in to ADManager Plus and navigate to Directory/Application Settings.
  • Go to Application Integrations, then search and select Nintex
  • Toggle the Enable Nintex Integration button on.
  • In the Nintex Configuration page, click Authorization.
  • Perform steps to generate client_id and client_secret from Nintex, and paste them in the respective value fields.
  • Enter Client Credentials as Grant Type
  • Click Configure.

Inbound webhook configuration

Inbound webhook enables you to fetch user data from Nintex to ADManager Plus. To configure an inbound webhook for Nintex:

  • Under Inbound Webhook, click Nintex Endpoint Configuration.
  • In the Endpoint Configuration tab, an endpoint, Nintex GET USERS ENDPOINT, comes pre-configured with an Endpoint URL, API Method, Headers, and Parameters fields to fetch user accounts from Nintex. However, if you would like to use a new endpoint to import users, you can configure one using the + Add API endpoint button and filling in the required fields as per Nintex's API references. Click here to learn how. Note:
    • Authorization Header is preconfigured as a header for authenticating API requests as configured during Authorization Configuration.
    • Macros: You can add macros to your endpoint configuration to dynamically change it as per your requirement using the macro chooser component.
    • Refer to Nintex's API references and configure additional headers and parameters, if required.
    • In the Settings tab, the Repeat Calling This Endpoint option has been enabled by default to repeatedly call the API until you get all the required data. The Repeat Call Configuration has been pre-configured to increase the page parameter value by 1 to fetch 100 objects in each API endpoint call. In the Repeat Call Criteria field, the condition has been pre-configured to repeat the API call until the response has no values.
  • Once done, click Test & Save. A response window will display all the requested parameters that can be fetched using the API call. After verifying if the requested parameters have been fetched, click Proceed. Note:
    • Refer to Nintex's API references to know the Parameters that must be configured to fetch only specific parameters.
    • You can configure multiple endpoints for Nintex using the + Add API endpoint button. Click here to learn how.
  • Click Data Source - LDAP Attribute Mapping to match endpoints and to map AD LDAP attributes with the respective attributes in Nintex.
  • Click + Add New Configuration and perform the following:
    • Enter the Configuration Name and Description and select the Automation Category from the drop-down menu.
    • In the Select Endpoint field, select the desired endpoint and a Primary Key that is unique to a user (e.g. employeeIdentifier). Note: When multiple endpoints are configured, this attribute must hold the same value in all the endpoints.
    • In the Attribute Mapping field, select the attribute from the LDAP Attribute Name drop-down menu and map it with the respective attribute in Nintex.
    • If you would like to create a new custom format for this, click Add New Format.
    • Click Save.
Note: The attribute mapping configured in this section can be selected as the data source during automation configuration to perform the desired action on the list of users received from the API response.

Outbound webhook configuration

An outbound webhook enables you to send changes made in AD using ADManager Plus to Nintex and carry out tasks in Nintex—all from ADManager Plus.To configure an outbound webhook for Nintex:

  • Under Outbound Webhook, click Nintex Webhook Configuration.
  • Click + Add Webhook.
  • Enter a name and description for this webhook.
  • Decide on the action that has to be performed and refer to Nintex's API references for the API details, such as the URL, headers, parameters, and other requirements.
  • Select the HTTP method that will enable you to perform the desired action on the endpoint from the drop-down menu.
  • Enter the endpoint URL.
  • Configure the Headers, Parameters, and Message Type in the appropriate format based on the API call that you would like to perform.
  • Click Test and Save.
  • A pop-up window will then display a list of AD users and groups on which to test the configured API call. Select the desired user or group on which this API request has to be tested and click OK. This will make a real-time call to the endpoint URL, and the selected objects will be modified according to the configuration.
  • The webhook response and request details will then be displayed. Verify them for the expected API behavior and click Save.
Note: The webhooks configured in this section can be included in Orchestration Templates, which can be used in event-driven and scheduled automations. They can also be applied directly to desired users to perform a sequence of actions on them (under Management > Advanced Management > Orchestration).