← Back to Portfolio

Service Desk Automation & M365 Integration

Automating user provisioning, security roles, and service desk workflows with Power Automate and Microsoft Teams

Executive Summary

I designed and implemented a suite of Power Automate workflows that transformed the organisation's service desk operations by automating user provisioning, security role assignments, and Teams-based notifications. The project integrated SharePoint lists and Microsoft Teams channels directly into the service desk process, creating a seamless flow from request submission through to resolution and notification.

Before implementation, user onboarding and role changes required manual coordination between HR, IT, and department managers — often involving email chains, spreadsheet tracking, and significant delays. The new system cuts manual processing time by 50% and reduces escalations by 20% through automated routing, real-time status updates, and structured approval workflows.

The solution leverages the full Microsoft 365 stack: Power Automate for orchestration, SharePoint lists for request tracking, Teams channels for real-time notifications and collaboration, Azure AD/Entra ID for identity management, and Power BI for operational reporting. It demonstrates how M365-native automation can replace fragmented manual processes with a governed, auditable, and scalable service delivery model.

Background & Context

The organisation's service desk processes had grown organically, relying heavily on email and manual intervention. When a new employee joined, the onboarding process involved a chain of emails between HR, IT, and the hiring manager to provision accounts, assign licences, configure security groups, set up equipment, and grant access to relevant SharePoint sites and Teams. Each step was manually tracked, and there was no single view of progress.

Security role changes were similarly manual. When an employee changed departments or took on new responsibilities, updating their access across Azure AD groups, SharePoint permissions, Teams memberships, and application roles required multiple touchpoints with no automated verification that all changes had been applied correctly. This created both security risks (over-provisioned access from incomplete deprovisioning) and productivity losses (under-provisioned access for new roles).

The service desk team spent a disproportionate amount of time on routine, repeatable tasks rather than resolving complex technical issues. Escalations were frequent because there was no structured routing — requests sat in shared mailboxes until someone picked them up, with no SLA tracking or automatic reassignment. Leadership needed a solution that would bring structure, speed, and accountability to service delivery without requiring a costly third-party ITSM platform.

Objectives

  • Automate user provisioning workflows from HR request through to fully configured accounts
  • Streamline security role assignments with approval routing and automated Azure AD group management
  • Integrate Teams-based notifications for real-time service desk updates and collaboration
  • Build SharePoint-based request tracking with structured forms, status tracking, and SLA monitoring
  • Reduce manual processing time by at least 40%
  • Decrease unnecessary escalations through automated routing and self-service options
  • Provide operational visibility via dashboards and reporting

Methodology & Approach

1. Process Mapping & Analysis

I mapped every service desk process end-to-end, identifying the steps that were manual, repetitive, and suitable for automation. I analysed ticket data to understand the most common request types, average resolution times, escalation patterns, and bottlenecks. User provisioning and security role changes emerged as the highest-volume, most time-consuming processes with the clearest automation potential.

2. Request Management Design

I designed SharePoint lists to serve as the structured backend for service requests, replacing the shared mailbox approach. Each request type has a dedicated list with custom columns capturing the specific information needed for that workflow — eliminating the back-and-forth that occurred when requests arrived with incomplete information. Power Apps forms provide a guided submission experience for end users.

3. Workflow Development

I built 20+ Power Automate flows covering the full service desk lifecycle. For user provisioning, this includes: new starter request capture, manager approval routing, automated Azure AD account creation, licence assignment, security group membership, SharePoint site access provisioning, Teams team addition, and confirmation notification. For role changes: request submission, multi-level approval based on access sensitivity, automated group membership updates, and verification checks.

4. Teams Integration

I configured dedicated Teams channels for service desk operations, with Power Automate posting structured Adaptive Cards for new requests, status changes, and SLA warnings. This gave the IT team real-time visibility without needing to constantly check a queue, and enabled quick collaboration on complex requests directly within the channel thread. Escalation alerts automatically notify relevant managers when SLA thresholds are approaching.

5. Testing & Validation

Each workflow was tested against comprehensive scenarios including: standard provisioning, role changes across departments, emergency access requests, deprovisioning (leavers), and edge cases like concurrent role changes or requests for access to restricted resources. I validated that Azure AD changes propagated correctly and that all notification channels fired as expected.

6. Rollout & Monitoring

The solution was rolled out in phases — starting with user provisioning, then adding security role management, and finally broader service desk automation. Each phase included training sessions for both IT staff and end users, with feedback loops informing iterative improvements. Power BI dashboards were configured to provide real-time operational metrics from day one.

Solution Architecture

The architecture centres on Power Automate as the workflow engine, orchestrating between SharePoint (request management and tracking), Azure AD/Entra ID (identity and access management), Microsoft Teams (notifications and collaboration), and Power BI (operational reporting).

When a service request is submitted via Power Apps or directly in SharePoint, Power Automate evaluates the request type and routes it through the appropriate approval and fulfilment workflow. For provisioning requests, the flow calls Microsoft Graph API to create or modify user accounts, assign licences, and manage group memberships. Teams Adaptive Cards keep stakeholders informed at each stage, and the SharePoint list is updated in real time to maintain a complete audit trail.

Error handling is built into every flow with retry policies, fallback notifications, and manual intervention queues for requests that cannot be automatically fulfilled. The Power BI dashboard pulls from SharePoint list data to surface request volumes, resolution times, SLA compliance, and automation success rates.

Service Desk — Automation Dashboard
50% Faster Processing
20+ Automated Flows
98% SLA Compliance
New Starter — J. Murphy Provisioned
Role Change — S. Clarke Awaiting Approval
Leaver — R. Thompson Deprovisioning
All workflows operational — 0 failed runs today

Key Features

  • Automated user provisioning: account creation, licence assignment, security group membership, and SharePoint/Teams access in a single workflow
  • Security role management with multi-level approval routing based on access sensitivity and Azure AD group automation
  • Teams Adaptive Card notifications for new requests, approvals, status changes, and SLA warnings
  • SharePoint-based request tracking with custom forms, status columns, and complete audit trail
  • Automated deprovisioning workflow for leavers — revoking access, reassigning data, and confirming completion
  • SLA monitoring with escalation alerts when resolution thresholds approach
  • Self-service request submission via Power Apps with guided forms and validation
  • Power BI operational dashboard showing request volumes, resolution times, and automation success rates

Technologies Used

Power Automate SharePoint Online Microsoft Teams Azure AD / Entra ID Microsoft Graph API Power Apps Power BI Adaptive Cards

Results & Impact

50% Reduction in Manual Processing Time
20% Fewer Escalations
20+ Automated Workflows
98% SLA Compliance

Before

  • User provisioning required manual email chains between HR, IT, and managers
  • Security role changes tracked in spreadsheets with no audit trail
  • Service requests sat in shared mailboxes with no routing or SLA tracking
  • No real-time visibility into request status for stakeholders
  • Frequent escalations due to unstructured request handling

After

  • End-to-end automated provisioning from request to fully configured account
  • Governed role management with approval routing and automated Azure AD updates
  • Structured request tracking in SharePoint with SLA monitoring and escalation rules
  • Real-time Teams notifications keeping all stakeholders informed
  • 20% fewer escalations through automated routing and self-service options

Lessons Learned

What Worked Well

Using Teams Adaptive Cards for notifications was a game-changer for adoption. Rather than requiring IT staff to monitor a separate system, updates came to them in the tool they already lived in. The structured card format made it easy to see request details at a glance and take action directly from the notification. The phased rollout approach also proved critical — starting with user provisioning built confidence in the automation before expanding to more complex workflows.

What We Would Improve

I would build a self-service portal earlier in the project, giving end users visibility into the status of their own requests without needing to contact IT. I would also implement more granular analytics from the start — understanding which specific workflow steps take longest and where manual intervention is most frequently required. This data would enable continuous optimisation of the automation flows and help justify further investment in service desk modernisation.

Client Value

The immediate impact was a 50% reduction in manual processing time for the most common service desk operations. For user provisioning alone, what previously took hours of coordinated effort across multiple teams now completes in minutes with a single request submission. This freed the IT team to focus on complex technical issues rather than routine administrative tasks.

The 20% reduction in escalations reflects a fundamental shift in how service requests are handled. With structured routing, SLA tracking, and automated notifications, requests no longer fall through the cracks. Managers have real-time visibility into their team's requests, and the IT team can proactively manage workload based on dashboard insights rather than reacting to complaints.

From a security perspective, the automated provisioning and deprovisioning workflows significantly reduce the risk of access-related incidents. New starters receive exactly the access they need from day one (no more, no less), and leavers have their access revoked systematically rather than relying on manual checklists. Every change is logged with a complete audit trail, supporting compliance requirements.

The solution is built entirely on Microsoft 365 tools the organisation already licences, avoiding the cost and complexity of a third-party ITSM platform. It's maintainable by the internal team and extensible as new automation opportunities are identified.

Looking to Automate Your Service Desk?

I build M365-native service desk automation that eliminates manual bottlenecks and brings structure to IT operations. Let's discuss your requirements.

Get in Touch