Managing Microsoft Teams¶
Within the application, it is now possible to interact with the customer using the Microsoft Teams. This helps the engineers to provide the comprehensive assistance to the customers. Functionalities such as screen sharing and webcam streaming make the service process very user-friendly and flexible. The Microsoft Teams account ,can only be configured by the admin. Establishing the Microsoft Teams account is done in the three stages:
- Set up Azure AD for your application
- Configure the Teams with your application
- Authorize the Teams account with Microsoft
Set up Azure AD for your application¶
To set up the Azure AD for your application, ensure this Azure environment should be part of the customer’s environment, so the organization where the engineers work at and proceed with the following steps:
- Sign in to the Azure Portal.
- Go to the Azure Active Directory page and navigate to App Registrations. Add a new App registration or edit an existing one if it is already registerd.
- In the overview tab, you will find a number of important/essential ID’s, such as the Application (client) ID and the Directory (tenant) ID. You will need these to set up the integration in the your application.
- Go to Certificates & Secrets and create a new Client Secret. Save this secret, as you will only be able to view it in the Azure portal once. This secret is also needed for the integration in your application.
- Go to Authentication and add a new Redirect URL. Choose the type Web and for the value, add the base URL of the app + ‘/oauth/v2/callback_azure’.
- For localhost: Local host.
Configure the Teams with your application¶
Teams has to configured to every tenant that we deploy.
To configure the Teams account, proceed with the following steps:
- Click Administer Microsoft Teams in the "Admin" screen and navigate to ‘Set up Microsoft Graph’. Add a new authentication and enter the details, as described below.
- Enter the display name of your choice. Recommendation would be ‘AH&SH – Dev’ or something similar.
- For the Application (client) ID, enter the key you find on the overview tab of your app registration in the Azure portal (refer to 3rd step in Set up Azure AD of your application).
- For the Directory (tenant) ID, enter the key you find on the overview tab of your app registration in the Azure portal (refer to 3rd step in Set up Azure AD of your application).
- For the Client Secret, enter the key you stored in a safe place after generating it in the Azure portal (refer to 4th step in Set up Azure AD of your application).
- At the bottom of the page, you will find the ‘+ Metadata’ button. Click it to expand the metadata and scroll down to the section of Supported Scopes. Add a New Scope and call it ‘OnlineMeetings.ReadWrite’.
- In the Selected Scopes section of the main form, select the OnlineMeetings. ReadWrite scope you just created. This will make sure that the MS Graph integration requests the correct permissions in order to create MS Teams meetings on the user’s behalf. Also, select the scope ‘offline_access’, which is needed to successfully get and use refresh tokens.
- Select code in the Selected Response Type section.
- Select querry in the Selected Response Mode section.
- Select consent in the Prompt section.
- Select the radio button "Yes" for "Is active".
- Click the ‘Get Authorization as a User’ button and authorize your own user account with Microsoft Graph.
Authorize the Teams account with Microsoft¶
Every user that wants to create a Microsoft Teams meeting from the AH&SH application has to authorize his account with Microsoft. To do it, procced with the following steps:
- Sign in as a Team Member or Team Lead role. Navigate to a Ticket or Assets tab, from which a Microsoft Teams call can be started. Click "Call customer with Micosoft Teams" button. When there is no active authorization found, a pop-up will be displayed. This pop-up also includes a button to provide the required authorization.
- When starting the authorization, you will be redirected to a Microsoft page. This page will ask you to sign in with your Microsoft account. Make sure to sign in with an account that is part of the Azure AD that the integration is configured with. For now, this will be your developer account with the format "firstname.lastname@example.org". Sign in with the account and then accept the requested permissions. By doing this, you authorize the Asset health and Service Hub application to create a Microsoft Teams meeting in your name.
Every developer has been granted an account with the format "email@example.com" and the password Welcome1!
3.You will be redirected to the Asset health and Service Hub application and now have an active authorization with Microsoft. Try creating a Microsoft Teams meeting again and you will now be taken into the main flow for this.
Any questions left?
Except where otherwise noted, content on this site is licensed under the MindSphere Development License Agreement.