Skip to content
This repository has been archived by the owner on Feb 12, 2024. It is now read-only.

Latest commit

 

History

History
143 lines (81 loc) · 8.3 KB

CONFIGURE_MS_TEAMS.md

File metadata and controls

143 lines (81 loc) · 8.3 KB
Raw

Configure MS Teams

In order to configure AccessBot integration with Microsoft Teams, follow the next steps:

Create Azure Bot

  1. Go to Create a Resource page on Microsoft Azure, search and click in the Azure Bot option:

screenshot-1

  1. When the Create an Azure Bot page loads, define your Bot handle, Resource Group and define the Type of App as "Multi Tenant" (as defined in the screenshot below):

screenshot-2

  1. You can go to the next step and define the tags as you prefer. Then, go to the final step ("Review + create") and click on "Create":

screenshot-3

  1. After the creation of the Azure Bot finishes, go to the created Azure Bot resource page, click in the configuration tab and fill the Messaging Endpoing field with a valid endpoint to AccessBot, then click on the Apply button:

screenshot-4

NOTE: The endpoint must finish with /botframework.

  1. Copy the Microsoft App ID and save it as the AZURE_APP_ID and then click on the Manage link button:

screenshot-5

  1. On the Certificates & Secrets tab show should see an already created Client Secret with a hided Value. This value is our AZURE_APP_PASSWORD. If you don't have access to the full value, click on the New client secret button:

screenshot-6

  1. A form in a side bar will appear to create a new client secret. Define a description to the new and a expire time if you want to and then click on the Add button:

screenshot-7

  1. After it finishes, you should be able to see the value of the created Client Secret. Copy this one and save it as the AZURE_APP_PASSWORD.

  2. Go back to the create Azure Bot resource page, click on the Channels tab and then click on the Microsoft Teams application:

screenshot-8

  1. A dialog will appear to ask you about the terms of service related to Microsoft Teams. To continue you need to aggree checking the I Agree... box and then clicking on the Aggree button:

screenshot-9

  1. On the Microsoft Teams application page, you need to select the Microsoft Teams Commercial (most common) option and then click on the Apply button:

screenshot-10

  1. Now go to the Azure Active Directory page:

image

  1. Finally, copy the Tenant ID and paste it into the environment variable AZURE_AD_TENANT_ID.

image

And now we can use AccessBot in Microsoft Teams via DMs. In the following section we'll configure the bot to use into the Microsoft Teams Organization.

NOTE: If you're passing environment variables via shell, ensure that you eclose the AZURE_APP_PASSWORD value between single quotes!

Start the bot

Start accessbot with the following environment variables:

  • AZURE_APP_ID - The Microsoft App ID of the created Azure Bot
  • AZURE_APP_PASSWORD - The created client secret in the previous section
  • AZURE_AD_TENANT_ID - The Tenant ID value shown in the Azure Active Directory page
  • SDM_BOT_PLATFORM - Must be ms-teams.
  • SDM_ADMINS - The administrator's email addresses (separated by spaces)

The MS Teams version uses a webhook endpoint. Ideally setup a HTTP Server with a Reverse Proxy pointing to: 0.0.0.0:3141. For developing purposes you could use ngrok, see here

To make sure if AccessBot is working, you can go back to the Channels tab on the create Azure Bot resource page and click on Open in Teams in the actions of the Microsoft Teams application to send DM messages to AccessBot on MS Teams and try the available commands:

screenshot-11

Register the App

  1. Generate an app id and enter the bot id
  1. Create a zip file of the app folder
$ zip app.zip *
  adding: color.png (deflated 2%)
  adding: manifest.json (deflated 57%)
  adding: outline.png (stored 0%)
  1. Open your Microsoft Teams App, go to Apps and search for Developer Portal, then click on The Developer Portal card:

screenshot-13

  1. Click on the Apps tab of the Developer Portal app and click on the Import app button and select the created zip file:

screenshot-14

  1. Once it finishes to upload the zip file data and load the app content, you can update the informations you prefer about the bot.

  2. Then go to the Publish section and click on the Publish to org submenu and click on the Publish your app button:

screenshot-15

  1. After a while, your app should be submitted:

screenshot-16

  1. Then, go to Teams, click on the actions of the team you want to add the bot and click on Manage Team:

screenshot-17

  1. Click on the Apps tab and on the More Apps button:

screenshot-18

  1. Click on the submitted bot:

screenshot-19

  1. Click on the Add button:

screenshot-20

And your bot is now installed on your organization and can be used on your teams.

How to use

To use AccessBot commands on Teams, you need to add a mention to the bot before the command (see the image below for an example running the help command):

screenshot-21

Limitations

Due to some MS Teams current limitations, the following features are not supported:

  • Request access commands via direct messages (DM): it is not possible to send messages to the admins when the bot receives a message via DM, therefore all the commands that request access are disabled via DM.
  • Admins reachability: if you want the admins to manage the access requests via DMs, you need to make sure that all the SDM_ADMINS belong to all teams inside your organization, because when a user requests an access the bot searches for the admins details inside the requester's team. So, because of this limitation we strongly recommend you to enable the SDM_ADMINS_CHANNEL feature.