Versions Compared

Old Version 36

changes.mady.by.user Lakshmi Manda

Saved on

compared with

New Version 37

changes.mady.by.user Kalpana Malladi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Log in to the Microsoft Azure Portal.

  2. Navigate to Azure services > Azure Active DirectoryMicrosoft Entra ID.

  3. Navigate to Add > App registration.

  4. On the Register an application page, specify the name for registering the application and click Register. Learn more about creating an application at https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app.

...

  1. On the left navigation panel, navigate to Manage,select API permissions > Add a permission.

  2. On the Request API permissions window, select Microsoft Graph > Delegated permissions for the OAuth2 User account and Application permissions for the OAuth2 Application Account.

  3. Select the permissions from Files, Users, and Teams. Choose the minimum API permissions listed under Scopes and Permissions Required for Teams.

  4. Click Add Permissions. View all the permissions added under Configured permissions.

     

  5. Click Grant admin consent confirmation and select Yes.

  6. Click Overview and select Add a Redirect URI. You will be redirected to the Platform configurations page.

     

    1. Under Platform configurations, click Add a platform.

      Image Added

    2. Select Web and specify a valid Redirect URI either of the following Redirect URIs based on the region your server is located:
      https://emea.snaplogic.com/api/1/rest/admin/oauth2callback/teams
      https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/teams and click 

    3. Click Configure. A popup message displays indicating that the application is successfully updated.

      Image Removed

  7. On the Platform configurations page, click Save.

    Image Removed


Locate the Application Credentials in the Azure Portal

...

Microsoft Teams exposes a few granular permissions that control the access that apps have to resources. When users sign into your app, they are required to consent to these permissions. 

Delegated permissions (work or school account only*)

Permission

Display String

Description

Admin Consent Required?

Channel.Create

Create channels

Create channels in any team, on behalf of the signed-in user.

Info

You can create up to 37 channels in a team besides the default channel - General.

 

Yes

ChannelMember.ReadWrite.All

Add and remove members from channels.

Add and remove members from channels, on behalf of the signed-in user. Also allows changing a member's role, for example from owner to non-owner.

Yes

ChannelMessage.Send

Send channel messages

Allows an app to send channel messages in Microsoft Teams, on behalf of the signed-in user.

Info

You can send up to a maximum of 3000 messages per app per day, to a given channel.

No

ChannelSettings.ReadWrite.All

Read and write the names, descriptions, and settings of channels.

Read and write the names, descriptions, and settings of all channels, on behalf of the signed-in user.

No

ChannelSettings.ReadWrite.Group

Update the names, descriptions, and settings of this team’s channels.

Update this group's channel names, channel descriptions, and channel settings, without a signed-in user.

No

Directory.AccessAsUser.All

Access directory as the signed-in user

Allows the app to have the same access to information in the directory as the signed-in user.

Yes

Directory.ReadWrite.All

Read and write directory data

Allows the app to read and write data in your organization's directory, such as users, and groups. It does not allow the app to delete users or groups, or reset user passwords.

Yes

Group.ReadWrite.All

Read and write all groups

Allows the app to create groups and read all group properties and memberships on behalf of the signed-in user. Also allows the app to read and write calendar, conversations, files, and other group content for all groups the signed-in user can access. Additionally allows group owners to manage their groups and allows group members to update group content.

Yes

GroupMember.ReadWrite.All

Read and write group memberships

Allows the app to read and write group memberships.

No

TeamMember.ReadWrite.All

Add and remove members from teams.

Add and remove members from teams, on behalf of the signed-in user. Also allows changing a member's role, for example from owner to non-owner.

Yes

TeamSettings.ReadWrite.All

Read and change teams' settings

Read and change all teams' settings, on behalf of the signed-in user.

Yes

User.Read.All

Read all users' full profiles

Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.

Yes

Application permissions

Permission

Display String

Description

Admin Consent Required?

Channel.Create

Create channels.

Create channels in any team, without a signed-in user.

Info

You can create up to 37 channels in a team besides the default channel - General.

Yes

Channel.Create.Group

Create channels in this team.

Create channels in this group, without a signed-in user.

No

ChannelMember.ReadWrite.All

Add and remove members from all channels.

Add and remove members from all channels, without a signed-in user. Also allows changing a member's role, for example from owner to non-owner.

Yes

Directory.ReadWrite.All

Read and write directory data

Allows the app to read and write data in your organization's directory, such as users, and groups, without a signed-in user. Does not allow user or group deletion.

Yes

Group.ReadWrite.All

Read and write all groups

Allows the app to create groups, read and update group memberships, and delete groups. Also allows the app to read and write calendar, conversations, files, and other group content for all groups. All of these operations can be performed by the app without a signed-in user.

Info

Not all group APIs support access using app-only permissions. See known issues for examples.

 

Yes

GroupMember.ReadWrite.All

Read and write group memberships

Allows the app to list groups, read basic properties, read and update the membership of the groups this app has access to without a signed-in user. Group properties and owners cannot be updated and groups cannot be deleted.

Yes

TeamMember.ReadWrite.All

Add and remove members from all teams.

Add and remove members from all teams, without a signed-in user. Also allows changing a team member's role, for example from owner to non-owner.

Yes

TeamSettings.ReadWrite.All

Read and change teams' settings

Read and change all teams' settings, without a signed-in user.

Yes

TeamSettings.ReadWrite.Group

Update the settings for this team.

Read and write this team's settings, without a signed-in user.

No

Teamwork.Migrate.All

Manage migration to Microsoft Teams

Creating and managing resources for migration to Microsoft Teams

Yes

User.Read.All

Read all users' full profiles

Allows the app to read the full set of profile properties, group membership, reports and managers of other users in your organization, without a signed-in user.

Yes

* Personal Microsoft accounts are not supported. 

...

If you select the Auto-refresh token checkbox, then you must provide offline_access as the Scope in the Token end point configuration.

Troubleshooting

Common Errors

Reason

Response

Error 401

Token is invalid

Provide a valid token and reauthorize the account.

The redirect URI specified does not match the reply URI configured for the application.

Incorrect redirect URI specified by user.

Add the following redirect_uri:
https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/teams

URL error when invoking the operation

Ensure the tenant domain name is correct.

Ensure that Directory (tenant) ID noted from the application is in the correct format.

Example: 2060aafa-89d9-423d-9514-eac46338ec05

Frequently Asked Questions

...