Configure MS Teams
In order to configure AccessBot integration with Microsoft Teams, follow the next steps:
Create Azure Bot
- Go to Create a Resource page on Microsoft Azure, search and click in the
Azure Bot
option:
- When the
Create an Azure Bot
page loads, define yourBot handle
,Resource Group
and define theType of App
as “Multi Tenant” (as defined in the screenshot below):
- You can go to the next step and define the tags as you prefer. Then, go to the final step (“Review + create”) and click on “Create”:
- After the creation of the Azure Bot finishes, go to the created Azure Bot resource page, click in the configuration tab and fill the
Messaging Endpoing
field with a valid endpoint to AccessBot, then click on theApply
button:
NOTE: The endpoint must finish with /botframework
.
- Copy the
Microsoft App ID
and save it as theAZURE_APP_ID
and then click on theManage
link button:
- On the
Certificates & Secrets
tab show should see an already createdClient Secret
with a hided Value. This value is ourAZURE_APP_PASSWORD
. If you don’t have access to the full value, click on theNew client secret
button:
- A form in a side bar will appear to create a new client secret. Define a description to the new and a expire time if you want to and then click on the
Add
button:
-
After it finishes, you should be able to see the value of the created
Client Secret
. Copy this one and save it as theAZURE_APP_PASSWORD
. -
Go back to the create Azure Bot resource page, click on the
Channels
tab and then click on theMicrosoft Teams
application:
- A dialog will appear to ask you about the terms of service related to Microsoft Teams. To continue you need to aggree checking the
I Agree...
box and then clicking on theAggree
button:
- On the Microsoft Teams application page, you need to select the
Microsoft Teams Commercial (most common)
option and then click on theApply
button:
- Now go to the Azure Active Directory page:
- Finally, copy the
Tenant ID
and paste it into the environment variableAZURE_AD_TENANT_ID
.
And now we can use AccessBot in Microsoft Teams via DMs. In the following section we’ll configure the bot to use into the Microsoft Teams Organization.
NOTE: If you’re passing environment variables via shell, ensure that you eclose the AZURE_APP_PASSWORD
value between single quotes!
Start the bot
Start accessbot with the following environment variables:
- AZURE_APP_ID - The
Microsoft App ID
of the created Azure Bot - AZURE_APP_PASSWORD - The created client secret in the previous section
- AZURE_AD_TENANT_ID - The
Tenant ID
value shown in the Azure Active Directory page - SDM_BOT_PLATFORM - Must be
ms-teams
. - SDM_ADMINS - The administrator’s email addresses (separated by spaces)
The MS Teams version uses a webhook endpoint. Ideally setup a HTTP Server with a Reverse Proxy pointing to: 0.0.0.0:3141
. For developing purposes you could use ngrok, see here
To make sure if AccessBot is working, you can go back to the Channels
tab on the create Azure Bot resource page and click on Open in Teams
in the actions of the Microsoft Teams application to send DM messages to AccessBot on MS Teams and try the available commands:
Register the App
- Generate an app id and enter the bot id
- Download the ms-teams/app folder
- Generate a random id here and define it in the “id” field of the manifest.json file
- Paste the AZURE_APP_ID on the “botId” field of the manifest.json file
- Create a zip file of the app folder
$ zip app.zip * adding: color.png (deflated 2%) adding: manifest.json (deflated 57%) adding: outline.png (stored 0%)
- Open your
Microsoft Teams App
, go toApps
and search forDeveloper Portal
, then click on TheDeveloper Portal
card:
- Click on the
Apps
tab of theDeveloper Portal
app and click on theImport app
button and select the created zip file:
-
Once it finishes to upload the zip file data and load the app content, you can update the informations you prefer about the bot.
-
Then go to the
Publish
section and click on thePublish to org
submenu and click on thePublish your app
button:
- After a while, your app should be submitted:
- Then, go to
Teams
, click on the actions of the team you want to add the bot and click onManage Team
:
- Click on the
Apps
tab and on theMore Apps
button:
- Click on the submitted bot:
- Click on the
Add
button:
And your bot is now installed on your organization and can be used on your teams.
How to use
To use AccessBot commands on Teams, you need to add a mention to the bot before the command (see the image below for an example running the help command):
Limitations
Due to some MS Teams current limitations, the following features are not supported:
- Request access commands via direct messages (DM): it is not possible to send messages to the admins when the bot receives a message via DM, therefore all the commands that request access are disabled via DM.
- Admins reachability: if you want the admins to manage the access requests via DMs, you need to make sure that all the
SDM_ADMINS
belong to all teams inside your organization, because when a user requests an access the bot searches for the admins details inside the requester’s team. So, because of this limitation we strongly recommend you to enable the SDM_ADMINS_CHANNEL feature.