The current version of Delegate365 adds a new feature: schema extensions for users. Schema extensions let you add custom data to Azure AD objects. In Delegate365, administrators can use the Delegate365 schema extension feature to add custom properties to a user. Find out how to use the user schema extension in Delegate365 here.
Possible areas of application include predefined job titles, cost center, employee type, other emails or managers, or other user-specific data for which no property exists in Azure AD. The Delegate365 user schema extension can be declared and used in Delegate365 and in Azure AD. Multiple properties can be defined, each either as a text field or as a selection field with predefined values.
So, Delegate365 supports a freely customizable, user-defined schema extension. The custom user data can be used outside of Delegate365 as well.
- Default setting: You can find the schema extension settings in the Administration / Delegate365 settings menu, at the end of the page, in the Schema extensions section. By default, the schema extensions are not activated.
- Activate and create the schema extension: Turn on the switch "Use schema extensions in Delegate365".
The switch activates the user schema extension in the Users menu, where it appears as a new function in the right menu, as shown here.
In order to be able to use the schema extensions, we have to define the following properties. If you want to deactivate that functionality, set the "Use schema extensions in Delegate365" switch to No.
- Create the schema extension properties: Then, we can create one or more properties below. In our sample, we first add a new property with the name "jobtitle". Delegate365 offers a text field for free input, or a selection field (a dropdown). We want the jobtitle to be picked from a predefined list, so we set Is selection to Yes.
Click the Values icon to the right of the switch. Now, we can add values for the selection in the panel on the right.
Add multiple values here and set the desired order (which is used for the output). In this sample, we added 5 values for the jobtitle field. Click OK to save the values. When done, we can click Create extension.
A toast message shows the successful creation of the new schema extension.
This process creates the schema extension in Azure AD for all users in the tenant.
- Schema extension name "extxxxxxxx_delegate365userextension": The schema extension is automatically named with a random extension number by Azure AD, followed by the name "delegate365userextension". In this sample, the generated name is "extmersxab8_delegate365userextension". The name cannot be changed. In Azure AD, the extension stores string values. See the following post for how to access it from outside of Delegate365.
- Update the schema extension: You can add additional properties to the schema extension if needed. In practice, this should be just a handful of properties you really need for all users, such as cost center, employee type, other emails, additional managers or similar. Simple properties for simple data. If you need to store more extensive user information, such as a picture or similar, we recommend storing just a reference as a link to that data in the user object.
In this sample, we add another property with the name "costcenter". This is a free text field, and Is selection stays set to No. The admin can enter any string value. Now, we can click Update extension to update the schema extension in Azure AD. We should get a short success message.
- Existing property names cannot be changed: Note that existing properties cannot be renamed or deleted, but you can add new properties. Here, this means you cannot change the property name jobtitle to e.g. oldjobtitle. When you try to update the schema extension with such a change, Azure AD returns an error, as shown here.
If such an error is shown, simply open another menu on the left, and come back to the Delegate365 settings menu. It will show the (unchanged) properties as they exist in Azure AD. Again, you can a) add more new properties and b) modify the selection values anytime if needed!
- Existing properties cannot be deleted: As with the previous point, properties cannot be removed once the schema extension has been created or updated. This schema extension behavior is by design. You would get an error similar to this one: SaveSchemaExtension: Code: BadRequest Message: Cannot delete an existing property. So, create the properties wisely.
- Fill and use the user schema extension: Once defined (and activated), the Delegate365 admins will see the Schema extensions menu in the Users list, as here.
The schema extensions panel opens on the right side, showing the defined properties. In this sample, we see the jobtitle as a dropdown and the costcenter as a text field.
The jobtitle selection offers the values we defined before. The predefined order defines the order in the dropdown. Here, Adele Vance is assigned the role "HR Manager".
So, the data for this user can be selected and entered in the panel. As cost center, we input "1200" as a text value.
Click Save to save the custom data in the user schema property and to close the panel.
- Users with custom data: To see, remove or manage the custom property values, select the user and open the Schema extensions menu anytime.
- Limits and behavior: One application (in our case, the Delegate365 app) can only own up to 5 schema extensions. The Delegate365 user schema extension cannot be deleted, to ensure manageability and expandability for additional properties if needed. Therefore, the Delegate365 setup has been revised to ensure that the Delegate365 app is never deleted and that all secrets, certificates and permissions are renewed or extended properly when a new Delegate365 setup is executed.
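Because properties can only be added and the extension stores plain strings in Azure AD, it helps to check a planned change and the stored values before relying on them. The following is an added example, not Delegate365 code: `check_update` and `audit_user` are hypothetical helpers, the user record mimics how the extension appears as a nested object on a user, and all job titles except "HR Manager" are constructed.

```python
# Added example: pre-flight checks for the Delegate365 user schema extension.
# Sample data is constructed; only the extension name, the property names and
# the values "HR Manager" / "1200" come from the article.
EXT = "extmersxab8_delegate365userextension"
CURRENT_PROPS = [{"name": "jobtitle", "type": "String"},
                 {"name": "costcenter", "type": "String"}]
ALLOWED = {"jobtitle": ["HR Manager", "IT Admin", "Sales Rep"]}  # constructed list


def check_update(current, proposed):
    """Return problems that make an update non-additive (empty list = OK)."""
    problems = []
    names = [p["name"] for p in proposed]
    for name in sorted({n for n in names if names.count(n) > 1}):
        problems.append(f"duplicate property: {name}")
    # A rename looks like "old name missing, new name added", so it is caught here.
    for prop in current:
        if prop["name"] not in names:
            problems.append(f"existing property removed or renamed: {prop['name']}")
    # The article states that the extension stores string values.
    for prop in proposed:
        if prop.get("type") != "String":
            problems.append(f"property is not a String: {prop['name']}")
    return problems


def audit_user(user, allowed=ALLOWED, ext=EXT):
    """Flag stored values that are not strings or not in the selection list."""
    findings = []
    data = user.get(ext) or {}  # users without custom data have no such key
    for name, value in data.items():
        if not isinstance(value, str):
            findings.append(f"{name}: non-string value {value!r}")
        elif name in allowed and value not in allowed[name]:
            findings.append(f"{name}: {value!r} is not a predefined value")
    return findings


if __name__ == "__main__":
    renamed = [{"name": "oldjobtitle", "type": "String"}, CURRENT_PROPS[1]]
    print(check_update(CURRENT_PROPS, renamed))
    adele = {"displayName": "Adele Vance",
             EXT: {"jobtitle": "HR Manager", "costcenter": "1200"}}
    print(audit_user(adele))
```

The audit assumes the selection list is supplied to the script, since values written to the extension from outside Delegate365 are only constrained to be strings.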
The article Working with Azure AD schema extensions in Graph PowerShell demonstrates how to use the Delegate365 schema extensions outside of Delegate365. You can access the schema extension by the name provided here.
The Delegate365 schema extension for users enables the management and storage of additional data for user objects. The selector is useful to only allow predefined values for some custom properties. This helps in standardizing certain values within an organization. See the following article for how to access that data from outside of Delegate365.
The new feature will be available in Delegate365 v9.2 in March. Happy managing your M365 tenant with Delegate365!