Skip to main content
Version: Cloud

Javi – Omada AI assistant

Javi is an AI-powered assistant that can help you with a variety of identity and access management activities. It complements Omada Identity, allowing expedite handling of access requests and approvals. You can ask Javi any question about Omada (this includes detailed technical questions related to documentation and processes). Multiple languages are supported. Javi is an optional paid feature.

Core features and functionalities

You can ask Javi to perform the following actions:

  • access request - submit and manage access requests with ease
  • access approval - approve access requests directly within Microsoft Teams
  • Q&A - get answers to questions about Omada Identity and technical documentation
  • scheduled notifications - use scheduled notifications for pending approval requests

Pre-installation checklist

RequirementDescription
Admin access to Microsoft Teams Admin CenterRequired to install, configure, and manage the Javi app.
Admin access to Omada Identity CloudNeeded for identity mapping and system configuration.
Microsoft Entra Tenant IDUsed to link Microsoft Teams with Omada.
UPN attribute name identifiedEnsures identity matching between Teams users and Omada.
IP address ranges whitelistedNecessary for secure Javi backend communication.
Javi installation ZIP file (if applicable)Required if you are not installing from AppSource.

Onboarding overview

  1. Gather all required details as listed in the Prerequisites and Omada configuration section.
  2. Complete the configuration steps in the Omada Identity Cloud portal.
  3. Submit a service request in the Omada Support Service Desk, titled Enablement of Javi, including:
  4. Install the Javi app in Microsoft Teams.
  5. Omada enables Javi for your specified environment. Omada will notify you through a support ticket once the app is ready for use.

Prerequisites and Omada configuration

To use Javi, Teams users must have a corresponding identity in Omada (a user object). Users without such an identity (for example, service or admin-only accounts) will not be able to use Javi.

  1. Log into Omada Identity Cloud as a System Administrator. Go to Setup > Identities.

  2. Select a user, right-click the property mapped to UPN, and select Info.

    Identity info

  3. Note the System Name of this field.

    Identity field
note

This UPN mapping is currently configured manually by Omada personnel. Share the value with your Omada contact.

To establish a connection between your Microsoft Teams tenant and Omada:

  1. In the Azure Portal, go to Microsoft Entra ID for the relevant tenant.

  2. In the Overview section, copy the Tenant ID.

    Entra Tenant ID
note

Send the Tenant ID to your Omada contact. This step is currently handled manually by Omada.

Enable OData for Resource Data Object Type

To allow Javi to retrieve requestable resources:

  1. In Omada Identity, navigate to Setup > Data Object Types > Resources.

  2. Select the Enable this type for OData checkbox.

    Javi oData

IP Address whitelisting

Javi requires IP whitelisting to allow secure impersonation requests. To update the whitelist:

  1. Log into Omada as a System Administrator.
  2. Go to Setup > Administration > System Settings > Customer Settings.
  3. In the Customer IAM section, locate IP mask for portal servers.
  4. Add the following IP ranges (do not overwrite the existing values, append new entries as needed):

EU zone

20.8.1.*, 20.8.2.*, 20.31.72.*, 20.31.76.*, 20.31.78.*, 20.31.79.*, 20.76.176.*, 20.86.237.*, 20.103.101.*, 20.103.102.*

US zone

172.171.168.*, 172.214.4.*, 172.171.169.*, 20.119.16.*, 172.171.170.*, 172.214.1.*, 172.214.7.*, 172.214.3.*, 172.214.2.*

  1. Click OK.
note

A user that is a member of the Administrators group cannot be used in the impersonation scenarios.

Installing Javi in Microsoft Teams

Installation through Microsoft AppSource

  1. Go to Microsoft AppSource and search for Javi Omada IGA Assistant.

  2. Click Get it now.

  3. Log into Microsoft Teams and select Add.

  4. Javi will now be listed in your apps.

    Javi listed in the available apps

Manual installation using a ZIP file

Prerequisites: You need to have the Teams administrator permissions to onboard a new application.

  1. Go to Teams admin center. Select Teams apps > Manage apps.

  2. In the top right corner, click Actions > Upload new app.

  3. Navigate to the Javi AI Assistant .zip file provided by Omada. Click Open.

  4. Wait until the app is installed. Once the installation is complete, locate the app on the list:

    Javi listed in the available apps

Configuring the app

  1. In Teams Admin Center, go to Teams apps > Manage Apps.

  2. Select the Javi app and configure its availability by clicking Edit availability. Change this setting to make it available to specific users or groups, and then review installation requests. To make Javi available by default, see Setup policies in Microsoft Teams documentation for details.

Best practices

  1. State your intent at the beginning. Avoid adding any further details at first. "I want to request access", "Show me my pending approvals" should be sufficient.

  2. Avoid ambiguities. For example, you have just requested to see your pending approvals. You then ask to review further five most recent items from the list. Finally, you enter Give me more info on the first 3. Javi will be confused about the first 3 resources - whether they refer to the first or the second overview.

  3. Maintain relevance to the most recent turn. For example, you are requesting access to a resource. Javi has gathered your business context and selected resources, and is now asking you for the reason. Instead of providing the reason, you respond I want access to resource [a second resource] to carry out a project. Javi may be confused over which action to perform next.

  4. Avoid abrupt shifts of scope. For example, you are in the process of making an access request. You have asked Javi to help you select a business context for your request. If you ask Javi at that point What are the approval requests pending to that context?, Javi will most likely be confused.

  5. Use the search or find keywords. If Javi is having trouble retrieving information (such as your pending approvals, resources for requesting access, resource ids for requesting access, your business contexts etc.) use the keywords.

  6. Paraphrase your prompt. When Javi is not returning the desired response, try asking in a different way using alternative phrasing.

  7. Be conscious of memory capacity when requesting access. Avoid requesting access to more than 2 (possibly 3) resources per request. Maintain a step-by-step, fast conversation flow when filling in the requirements for the access request:

    1. Select context.
    2. Find resource_A.
    3. Find resource_B.
    4. State the reason.
    5. Confirm the summary.
    6. Make a request.

  8. Avoid overloading your prompt. Your prompt should focus on performing a single step. For example, if you want to request access to multiple resources during an access request, search for them one by one using one turn per resource search.

Troubleshooting

ProblemSolution
Javi does not respond in TeamsConfirm IP whitelisting and OData are correctly configured.
User cannot access JaviEnsure a valid identity exists with a correct UPN mapping is set.
Access requests not workingCheck that Resource Data Object Type in OData is enabled.
App not showing in TeamsEnsure it is added to a valid Teams Setup Policy.
ZIP upload failsVerify Teams admin permissions and check file integrity.