Webhooks are used across virtually every industry and application category that requires real-time, event-driven communication. They are the backbone of modern automation and integration.
A webhook is an automated way for one application to send real-time information to another application when a specific event occurs. Essentially, webhooks are user-defined HTTP callbacks that trigger a message to a unique URL. Instead of constantly checking (polling) an application's server to see if new data is available (like you repeatedly checking your email for a reply 📧), the application itself sends a notification to a pre-registered URL (the webhook endpoint) the instant the event happens, which eliminates the need for wasteful polling.
With Privilege Elevation and Delegation Management (PEDM), you can receive elevation request alerts/notifications in your application through webhooks. As an example, we will describe how PEDM elevation requests can be sent through the Microsoft Teams webhooks.
Configuring PEDM webhooks with Microsoft Teams' workflows
Microsoft allows incoming webhooks with Workflows for Microsoft Teams, which can be shared in chats and channels. Webhooks are used as tools to track and notify. To set them up, follow the steps below:
1. In Microsoft Teams, select More options (the three-dot button) next to the channel or chat you want to create a workflow for and then select Workflows.
2. Search for webhook and select Send webhook alerts to a chat.
3. Give the webhook a name, select the connection (you can leave one connection or you can add multiple), and press Next.
4. In the Details section, choose the Microsoft Teams Group chat from the dropdown selector and press Add workflow.
5. A workflow should be created. Copy the generated URL and press Done.
6. Navigate to the HEIMDAL Dashboard -> Endpoint Settings -> Your GP -> Privileges & App Control tab -> Privilege Elevation and Delegation Management, enable Webhooks, and press the Add new webhook button to add the copied URL. Make sure you give your webhook a friendly name, enable the Adaptive card tickbox, and press the Add button.
After configuring the webhook, don't forget to scroll down and press the Update GP button to save the Group Policy settings.
Whenever a new PEDM elevation request is made, besides being shown in the Privilege Elevation and Delegation Management product page, a new alert will also be sent to Microsoft Teams through the Workflows feature using the PEDM webhooks.
Configuring PEDM webhooks with Microsoft Power Automate
Microsoft allows incoming webhooks with flows in Microsoft Power Automate, which can send email notifications or can be leveraged in ways that you prefer. To set up a flow, follow the steps below:
1. In Microsoft Power Automate, navigate to My flows and press the New flow button followed by the Instant cloud flow option.
2. Give your flow a name, select the When an HTTP request is received option from the dropdown menu, and hit Create.
3. On the next step, click the flow's starting point, select the Parameters tab, and select Anyone (or any other preferred option) for the Who can trigger the flow? field.
4. Click the + button on the flow to add an action and search for the Parse JSON action.
5. In the Parameters tab, click within the Content field, then click the lightning bolt icon (to add dynamic content) and select the Body option. In the Schema field, add the following:
{
    "type": "object",
    "properties": {
        "elevationId": {},
        "customer": {},
        "hostname": {},
        "username": {},
        "reason": {},
        "email": {},
        "phoneNumber": {},
        "duration": {},
        "timestamp": {},
        "elevationLink": {}
    }
}
6. Click the + button on the flow to add another action and select the Send email with options action.
7. In the Parameters tab, add the email address(es) that should receive alerts through the PEDM webhooks and configure the Body of the email that will be sent by Microsoft Power Automate to the recipients. These settings can be configured according to your needs, and HTML code can be used in the Body field to adjust how the data in the email notification looks.
8. Once you are done configuring the flow, you can hit the Save button (on the top-right of the page). Saving the flow will generate the webhook HTTP URL (found under the first step of the flow), which you need to add to the Heimdal Dashboard under PEDM in the Group Policy settings.
9. Navigate to the HEIMDAL Dashboard -> Endpoint Settings -> Your GP -> Privileges & App Control tab -> Privilege Elevation and Delegation Management, enable Webhooks, and press the Add new webhook button to add the copied URL. Make sure you give your webhook a friendly name, enable the Adaptive card tickbox, and press the Add button.
After configuring the webhook, don't forget to scroll down and press the Update GP button to save the Group Policy settings.
Whenever a new PEDM elevation request is made, besides being shown in the Privilege Elevation and Delegation Management product page, a new alert will also be sent through the Microsoft Power Automate flow using the PEDM webhooks.
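The flow above places webhook fields into an HTML email body, and fields such as reason are free text entered by the requester. The following is an added example (not Heimdal's or Microsoft's code) of a receiver-side check that enforces the ten-field shape from the Parse JSON schema, escapes every value before it reaches HTML, and only accepts an https elevationLink on an allowed host. The value types, the allowed host name and the sample payload are assumptions constructed for illustration.

```python
import html
import json
from urllib.parse import urlsplit

# The ten property names from the Parse JSON schema on this page.
PEDM_FIELDS = ("elevationId", "customer", "hostname", "username", "reason",
               "email", "phoneNumber", "duration", "timestamp", "elevationLink")

# Assumption: placeholder host; replace with the host your dashboard links use.
ALLOWED_LINK_HOSTS = {"dashboard.example.invalid"}


def parse_pedm_payload(raw: bytes) -> dict:
    """Parse a webhook body and reject anything outside the expected shape."""
    data = json.loads(raw)
    if not isinstance(data, dict):
        raise ValueError("payload must be a JSON object")
    missing = [f for f in PEDM_FIELDS if f not in data]
    extra = sorted(set(data) - set(PEDM_FIELDS))
    if missing or extra:
        raise ValueError(f"missing={missing} unexpected={extra}")
    # Values are untyped in the page's schema; normalise to bounded strings.
    clean = {f: ("" if data[f] is None else str(data[f]))[:500] for f in PEDM_FIELDS}
    link = urlsplit(clean["elevationLink"])
    if link.scheme != "https" or link.hostname not in ALLOWED_LINK_HOSTS:
        raise ValueError("elevationLink is not an https link to an allowed host")
    return clean


def render_email_body(clean: dict) -> str:
    """Build the HTML body with every value escaped, so markup stays inert."""
    rows = "".join(
        f"<tr><th>{html.escape(f)}</th><td>{html.escape(clean[f])}</td></tr>"
        for f in PEDM_FIELDS if f != "elevationLink")
    href = html.escape(clean["elevationLink"], quote=True)
    return f'<table>{rows}</table><p><a href="{href}">Review request</a></p>'


# Constructed sample payload (values are illustrative, not real product output).
SAMPLE = json.dumps({
    "elevationId": "constructed-001", "customer": "Example Corp",
    "hostname": "WS-042", "username": "jdoe",
    "reason": "Install <b>driver</b><script>x</script>",
    "email": "jdoe@example.invalid", "phoneNumber": "", "duration": 10,
    "timestamp": "2024-01-01T00:00:00Z",
    "elevationLink": "https://dashboard.example.invalid/pedm/constructed-001",
}).encode()

if __name__ == "__main__":
    print(render_email_body(parse_pedm_payload(SAMPLE)))
```

When the flow trigger is set to Anyone, the generated URL is the only thing gating requests, so the same shape and link checks apply to whatever consumes the parsed body.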