# Onboarding form inputs and workflow process ## All onboarding form fields This section provides a complete breakdown of all onboarding form fields, including hidden fields that are conditionally displayed based on other selections. {% hint style="info" %} Expand each of the categories below to see its related reference table. {% endhint %}

Basic settings required for all configurations


Field name	Field label	Field type	Requirement	Conditions
`ticket_id`	Existing Ticket Number	Dropdown	Optional	Always visible
`account_requestor`	Account Requestor (Missing Opt Gen)	Text Input	Optional	Always visible
`first_name`	First Name	Text Input	Required	Always visible
`middle_name`	Middle Name	Text Input	Optional	Always visible
`last_name`	Last Name	Text Input	Required	Always visible
`custom_display_name`	Custom Display Name	Text Input	Optional	`advanced_options_user_attributes`is checked
`email_domain`	Primary Email Domain	Dropdown	Required	Always visible
`username`	Username	Text Input	Auto-Generated	Requires First and Last Name
`user_exists`	Does User Exist	Output Only	Determines if the user exists in the primary identity instance.
`license_group_assignment`	License Group Assignment	Multi-Select Dropdown	Optional	`user_exists` is true OR `licencing_choose_subscription` is enabled
`direct_m365_license_assignment`	Direct M365 License Assignment	Dropdown	Optional	`user_exists` is true OR `licencing_choose_subscription` is enabled
`license_subscription`	License Subscription	Dropdown	Optional	`user_exists` is true OR `licencing_choose_subscription` is enabled
`copy_user_attributes`	Copy User Attributes	Checkbox	Optional - select this box to choose a user to copy attributes from. Any attributes set in the form will overwrite the attribute from the copied user.	Always visible
`user_to_copy`	User To Copy	Dropdown	Optional	`copy_user_attributes` is checked. For Azure, this will copy: User Location, City, Address Line 1, Desk Phone Number, Company Name, Usage Location, Department Title, Phone Number, Post Code, State. For on-prem, this will copy: country/region code (ISO two-letter), country/region (full name), locality (city), state or province, company, numeric country code, department, manager, office location, postal code, street address, title.
`copy_user_groups`	Copy User Groups	Checkbox	Optional	`copy_user_attributes` is checked
`onprem_security_groups`	On-Prem Sec Groups	Multi-Select Dropdown	Optional	`primary_identity_provider` is On-Prem AD or Hybrid
`onprem_dist_groups`	On-Prem Dist Groups	Multi-Select Dropdown	Optional	`primary_identity_provider` is On-Prem AD or Hybrid
`azure_ad_security_groups`	Entra Security Groups	Multi-Select Dropdown	Optional	`primary_identity_provider` is Azure AD or Hybrid
`azure_ad_mail_groups`	Entra Mail-Enabled Groups	Multi-Select Dropdown	Optional	`primary_identity_provider` is Azure AD or Hybrid
`organizational_unit`	Organizational Unit	Dropdown	Optional	`primary_identity_provider` is On-Prem AD or Hybrid
`password`	Password	Text Input	Optional	Leave blank to auto-generate OR enter a password (min 8 chars).
`show_advanced_options`	Show Advanced Options	Checkbox	Optional	Always visible

Advanced: Manual approver fields

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | --------------------------- | -------------------------- | -------------- | --------------- | -------------------------------------- | | `advanced_options_approval` | Advanced - Manual Approver | Checkbox | Optional | `show_advanced_options` is checked | | `manual_approver_email` | Manual Approver E-Mail | Text Input | Optional | `advanced_options_approval` is checked |

Advanced: User attributes

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | ----------------------------- | -------------------------------- | --------------------------- | --------------- | -------------------------------------------------------------------------------------------------------------------------- | | `home_directory` | User Attributes - Home Directory | Checkbox | Optional | `primary_identity_provider` is On-Prem AD, Hybrid (No Sync), On-Prem Only, AND `advanced_options_home_directory`is checked | | `home_directory_server` | Home Directory Server | Dropdown | Optional | `home_directory` is checked | | `home_directory_path` | Home Directory Path | Text Input | Optional | `home_directory` is checked | | `home_directory_drive_letter` | Dropdown | Home Directory Drive Letter | Optional | `home_directory` is checked | | `description` | Description (AD Only) | Multi-line Input | Optional | `primary_identity_provider` is On-Prem AD or Hybrid |

Advanced: RMM options

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | ---------------------- | ---------------------- | -------------- | --------------- | ------------------------------------ | | `advanced_options_rmm` | Advanced - RMM Options | Checkbox | Optional | `enable_advanced_options` is checked |

Advanced: Mail attributes

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | --------------------------------------- | --------------------------------------------- | --------------------- | --------------- | --------------------------------- | | `mail_nickname` | Mail Nickname | Text Input | Optional | `advanced_options_mail`is checked | | `secondary_email_domains` | Secondary Email Domains | Multi-Select Dropdown | Optional | `advanced_options_mail`is checked | | `shared_mailboxes` | Shared Mailboxes | Multi-Select Dropdown | Optional | `advanced_options_mail`is checked | | `shared_mailboxes_allow_send_as` | Allow Send As the Shared Mailboxes? | Checkbox | Optional | `shared_mailboxes` is checked | | `shared_mailboxes_allow_send_on_behalf` | Allow Send on Behalf of the Shared Mailboxes? | Checkbox | Optional | `shared_mailboxes` is checked |

Advanced: Password settings

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | --------------------------- | ------------------------------------- | ------------------ | --------------- | ----------------------------------------------------------------------------------- | | `require_password_change` | Require Password Change | Checkbox | Optional | `advanced_options_password` is checked | | `cannot_change_password` | User cannot change password (On-Prem) | Checkbox | Optional | `advanced_options_password` is checked | | `password_never_expires` | Password Never Expires (On-Prem) | Checkbox | Optional | `advanced_options_password` is checked | | `store_password_in_ticket` | Store Password in Ticket | Checkbox | Optional | `advanced_options_password` is checked | | `send_sms_to_user` | Send Password to User Mobile | Checkbox | Optional | `ORG.VARIABLES.send_sms_to_user`and | | `advanced_options_password` | | | | | | `sms_with_country_code` | SMS Number with Country Code | Number Input Field | Optional | `send_sms_to_user` and `advanced_options_password` | | `vpn` | Dial-In VPN access for the user. | Checkbox | Optional | `advanced_options_user_attributes`is checked and `show_advanced_options` is checked |

Advanced: PSA options

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | ----------------------- | ----------------------------- | -------------- | --------------- | --------------------------------- | | `create_contact_in_psa` | Create Company Contact in PSA | Checkbox | Optional | `advanced_options_psa` is checked | | `psa_child_company` | PSA Child Company | Dropdown | Optional | `advanced_options_psa` is checked |

Device and software assignments

| **Field name** | **Field label** | **Field type** | **Requirement** | **Conditions** | | ----------------------- | ------------------------------ | --------------------- | --------------- | ------------------------------------ | | `required_devices` | Required Devices | Multi-Select Dropdown | Optional | `advanced_options_devices`is checked | | `device_description` | Device Description Information | Multi-line Input | Optional | `advanced_options_devices`is checked | | `required_applications` | Required Applications | Multi-Select Dropdown | Optional | `advanced_options_apps` is checked |

### **Form fields present if using OpenText SecureCloud** When filling out the Microsoft: User Onboarding form after setting the organization variable required to use this integration with the Crate, four new fields will populate. * **Secure Cloud User Location** * **Secure Cloud Microsoft Services** * **SecureCloud Security Services** * **Secure Cloud Exchange Services** Choose the **Secure Cloud User Location** from the drop-down selector, and at least one **Secure Cloud Microsoft Service** from that relevant drop-down list. The other fields are optional.

Form interface displaying four dropdown fields for configuring secure cloud settings. The fields are labeled “Secure Cloud User Location,” “Secure Cloud Microsoft Services,” “Secure Cloud Security Services,” and “Secure Cloud Exchange Services.” Each field includes a note prompting the user to select the required Microsoft or Secured Cloud services and features a circular turquoise refresh icon to the right. The background is dark with white text.

### **Assign licenses from multiple subscriptions to a single user** In the form, you have the ability to select more than one license, but may only select one subscription. This is intentional for the workflow to properly run. Allowing multiple subscriptions to be selected at once would complicate the logic to properly adjust subsciption counts. To assign licenses from multiple subscriptions to a single user, instead: 1. Complete the onboarding with one single subscriptions selected. 2. Manually add additional licenses from other subscriptions after the user is created. ## **Decoded advanced Jinja conditions** In some cases, form fields are dynamically determined using complex Jinja logic. For example: Identity provider configuration field visibility {% code overflow="wrap" %} ```django {% set idp_config = "invalid_idp" %} {%- if ORG.VARIABLES.primary_identity_provider|d|lower in ["azure_ad","azuread"] or CTX.mail_only_user|d(false) -%} {%- set idp_config = "azure_ad" -%} {%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] and ORG.VARIABLES.onprem_no_adsync|d|lower in ["true","1"] -%} {%- set idp_config = "hybrid_no_sync" -%} {%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] and ORG.VARIABLES.no_azure_ad|d|lower == "true" -%} {%- set idp_config = "on_prem_only" -%} {%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] -%} {%- set idp_config = "on_prem" -%} {%- endif %} {{- idp_config in ["hybrid_no_sync", "on_prem_only", "on_prem"] -}} ``` {% endcode %} * The field will only show if `ORG.VARIABLES.primary_identity_provider` is On-Prem, Hybrid without Sync, or On-Prem Only. * If **Azure AD** is selected, the field will be hidden.