IT OPS
Ticket-Driven Offboarding Revocation Runbook
Watches for offboarding tickets and works the access-revocation checklist item by item.
How it runs
The automated pipeline, trigger to output.
- TriggerNew offboarding-tagged ticket createdZendesk
- ActionRevoke GitHub access and confirm removalGitHub
- ActionDisable Slack and Google Workspace seatSlack
- LogicPer-system: confirmed comment vs. escalate ticket
- ActionRevoke Gmail/Workspace session and verifyGmail
- OutputUpdate ticket to solved with revocation summaryZendesk
What it does
Turns an offboarding support ticket into an executable runbook. When a ticket tagged for departure arrives, the workflow reads the named employee, walks each required system, revokes their access, and writes back a confirmation comment per system. The ticket only escalates to a human if a revocation cannot be verified.
When to use it
Use it when your offboarding process already starts in a helpdesk and you want the ticket itself to be the source of truth. Good for IT teams that need every revocation timestamped inside the ticket history for compliance.
How it works
- 1A new Zendesk ticket with the offboarding tag triggers the flow.
- 2It parses the departing employee's email from the ticket fields.
- 3For each system in the checklist it calls the revoke endpoint, then queries back to confirm the seat is inactive.
- 4A logic step decides per system: confirmed seats get a checkmark comment, failures route the ticket to the IT escalation group.
- 5Once all systems resolve confirmed, the ticket is updated to solved with a full revocation summary.
Set it up
What you configure once, before turning it on.
- 1Connect ZendeskTickets, queues, knowledge base.
- 2Connect GitHubRepos, issues, pull requests, actions.
- 3Connect SlackChannels, DMs, threads, mentions.
- 4Connect GmailRead, draft, send, label.
- 5Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 6Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 7Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More IT Ops workflows
Recurring Sensor Fault Root-Cause Investigator
On a schedule, an agent reviews recent Monday work orders and BigQuery telemetry to identify equipment with repeating faults, drafts a root-cause hypothesis with a recommended fix.
Daily Building Anomaly Digest to MS Teams
Each morning queries BigQuery for the prior day's flagged sensor anomalies, summarizes them by site and system into a ranked briefing.
Agentic Inactive-Seat Reclamation Review
An agent investigates each idle SaaS seat by correlating SSO login gaps with HR status and ticket history, classifies it as reclaim, hold, or escalate, and drafts a reasoned…
Reconcile SSO logins against expense spend to find unmanaged tools
Joins SSO usage data with expense/payment records in Snowflake to surface tools that are being used but not paid for, or paid for but never logged.
Approved-Seat Deprovision Execution
Fires when an IT approver confirms a seat for removal, then executes deprovisioning via the IdP API and logs the action to an audit table and a Linear cleanup ticket.
HVAC Anomaly Detection to Severity-Routed Work Orders
Ingests building HVAC telemetry via webhook, flags out-of-band temperature, pressure, or runtime readings.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.