Modernizing SCCM Application Approval

30 Jan 2017

Author: marcus clayton

Azure VM Onboarding Experience

Figure: Approval email a user’s manager will receive, which clearly identifies the request, and how to take action.

To bring a modern approach to this workflow, I put together a solution which leverages Azure Logic Apps, an Azure SQL database, and PowerShell script which provides [mobile friendly] secure email based approval of SCCM application requests. At a high level, the user requests an application from the app catalog, which creates a new request in the Azure SQL database, spawning a Logic App run, which sends an approval email to user’s manager (or pre-defined mailbox/distribution list), waits for an approve or deny response, and ultimately approves or denies the request within SCCM. Once the request has been approved or denied, the user will receive an email notification, updating them with the request status. By putting the engine in an Azure Logic App, this solution can easily be extended or tailored to hook into [any] service which has a documented API or pre-built Microsoft connector (the current list of connectors is fairly long, and grows weekly). The code is available on GitHub.