How to integrate my Teams account?

Overview

To authenticate, you will need to provide the following information:

  • Client ID
  • Tenant ID
  • Client Secret
  • Username
  • Password

Step 1: Log in to the Microsoft Entra (Azure AD) Portal

  1. Go to Microsoft Azure
  2. Sign in with the Microsoft account that has access to your Teams tenant (typically an admin account).

Step 2: Register Your Application

  1. Once logged in, go to "Microsoft Entra ID" from the left menu.
  2. Select "App registrations".
  3. Click on "+ New registration".

Fill the registration form:

  • Name: Give your app a name (e.g., Unizo Teams App)
  • Supported account types: Choose
    • Accounts in this organizational directory only (for single tenant)
  • Redirect URI: Leave blank or add one if using OAuth login (e.g., https://localhost for testing)
  4. Click Register.

Step 3: Get the Client ID and Tenant ID

  1. After the app is registered, you will land on the app overview page.
  2. Copy the following:
    • Application (client) ID → This is your Client ID
    • Directory (tenant) ID → This is your Tenant ID

Step 4: Generate Client Secret

  1. Go to Certificates & secrets in the left sidebar
  2. Under Client secrets, click + New client secret
  3. Add:
    • Description: (e.g., Teams App Secret)
    • Expires: Select an expiration duration (e.g., 6 months or 1 year)
  4. Click Add
  5. Copy the Value immediately — this is your Client Secret

Step 5: Get Username and Password

  1. Use the email address and password of a user who has access to Microsoft Teams in your organization.
  2. This should be a valid, licensed Microsoft 365 user.
  3. These credentials will be used to authenticate the user via the OAuth 2.0 Resource Owner Password Credentials (ROPC) grant type (only if your tenant allows it).

Required Microsoft Graph Permissions

Permission                 Type
Directory.Read.All         Application / Delegated
Organization.Read.All      Application / Delegated
Channel.Read.All           Application / Delegated
ChannelMessage.Read.All    Delegated only
ChannelMessage.Send        Delegated only

Important:

  • Application permissions are used for background/server-to-server apps (client credentials flow).
  • Delegated permissions are used when a signed-in user is involved (OAuth authorization code or ROPC).
  • ChannelMessage.Send and ChannelMessage.Read.All are not allowed in application-only context for real-time message interaction.

How to Add these Permissions

  1. Go to Azure Portal
  2. Navigate to Microsoft Entra ID → App registrations
  3. Open your app → Go to API Permissions
  4. Click + Add a permission
  5. Select:
    • Microsoft Graph
    • Choose:
      • Delegated permissions for interactive apps
      • Application permissions for background apps
  6. Add the required permissions listed above
  7. Click Grant admin consent (needed for Application permissions)
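
The values collected in Steps 3 to 5 and the delegated permissions listed above come together in the ROPC token request. The Python below is an added example, not Unizo's or Microsoft's code: it builds that request for the Microsoft identity platform v2.0 token endpoint, redacts the secret fields before logging, and checks a token response for permissions that were not granted. The function names and all sample values are constructed for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

# Delegated permissions from the table on this page.
REQUIRED = ["Directory.Read.All", "Organization.Read.All", "Channel.Read.All",
            "ChannelMessage.Read.All", "ChannelMessage.Send"]
SECRET_FIELDS = {"client_secret", "password"}

def build_ropc_request(tenant_id, client_id, client_secret, username, password):
    """Return (url, form) for a grant_type=password request to the v2.0 token endpoint."""
    tenant = urllib.parse.quote(tenant_id, safe="")
    url = f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
    form = {"grant_type": "password", "client_id": client_id,
            "client_secret": client_secret,  # confidential client (Step 4)
            "username": username, "password": password,
            "scope": " ".join(f"https://graph.microsoft.com/{p}" for p in REQUIRED)}
    return url, form

def redact(form):
    """Copy of the form that is safe to write to logs."""
    return {k: "***" if k in SECRET_FIELDS else v for k, v in form.items()}

def missing_permissions(token_response):
    """Required permissions absent from the token's space-separated 'scope' field."""
    if "error" in token_response:  # e.g. ROPC blocked, or the account requires MFA
        raise ValueError(f"{token_response['error']}: {token_response.get('error_description', '')}")
    granted = {s.rsplit("/", 1)[-1].lower() for s in token_response.get("scope", "").split()}
    return [p for p in REQUIRED if p.lower() not in granted]

def request_token(url, form):
    """POST the form; needs network access and a real tenant, so the sample run skips it."""
    req = urllib.request.Request(url, data=urllib.parse.urlencode(form).encode())
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        return json.load(err)  # error responses also carry a JSON body

# Constructed sample values: placeholders, not real identifiers or credentials.
SAMPLE_URL, SAMPLE_FORM = build_ropc_request(
    "00000000-0000-0000-0000-000000000000", "11111111-1111-1111-1111-111111111111",
    "example-secret", "svc-teams@example.com", "example-password")
SAMPLE_RESPONSE = {"token_type": "Bearer", "access_token": "constructed", "scope":
                   "https://graph.microsoft.com/Directory.Read.All Channel.Read.All ChannelMessage.Send"}

if __name__ == "__main__":
    print(redact(SAMPLE_FORM), "missing:", missing_permissions(SAMPLE_RESPONSE))
```

A non-empty result from `missing_permissions` means the permission was not added or consented to in the app registration.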