In this article
Overview
You can use this account type to connect Teams Snaps with data sources that use OAuth2 User account.
The account authenticating the Teams OAuth2 User Account must have access to the Microsoft Teams Application through the Office 365 dashboard to use the Teams Snaps. Without the Teams access (through the Office 365 Dashboard), the authentication may happen, but you will not receive an access token.
Prerequisites
- The user authorizing as a User Account must have access to either of the following:
- Teams application through the Office 365 portal.
- Office365 (admin access) for the Application account.
- A registered application in the Microsoft Azure Portal with appropriate permissions that contains the following information.
- Client ID
- Tenant name or Tenant ID
- Client secret
- OAuth 2.0 authorization endpoint
- OAuth 2.0 token endpoint
- Token endpoint configuration
- Auth endpoint configuration
Limitations and Known Issues
None.
Account Settings
| Parameter | Data Type | Description | Default Value | Example |
|---|---|---|---|---|
Label | String | Required. Enter a unique label for the account. | N/A | MSTeams_Docs_User_Account |
Client ID | String | Required. Enter the client ID associated with your Azure application. You can create the client ID as advised by your application provider. | N/A | 1abcd23e-45fg-6789-hi01-23456jk789l0 |
Client secret | String | Enter the client secret associated with your account. You can create the client secret as advised by your application provider. | N/A | bec1f9242f9nsh67f2276b9ws4cadd14 |
Access token | String | Auto-generated upon account authorization. The access token associated with the Azure portal application is used to make API requests on behalf of the user associated with the client ID. | N/A | N/A |
| Refresh token | String | Auto-generated upon account authorization. A string that allows the OAuth client to get a new access token. To retrieve the Refresh token automatically, you should set the scope in the authentication parameters so that the resulting refresh token is stored in this field. If the refresh token is stored, then the access token can be refreshed automatically before it expires. To obtain the refresh token, set
| N/A | N/A |
Access token expiration | Integer | Auto-generated upon account authorization. The access token expiration value. | N/A | N/A |
| OAuth2 Endpoint | URL | Required. Enter the tenant ID in the designated position in the URL. | https://login.microsoftonline.com/ <tenant-id*>/oauth2/v2.0/authorize | https://login.microsoftonline.com/123a456b-7c89-0d1e-234f-g5h678901ijk/oauth2/v2.0/authorize |
OAuth2 Token | URL | Required. Enter the tenant ID in the designated position in the URL. | https://login.microsoftonline.com/ <tenant-id*>/oauth2/v2.0/token | https://login.microsoftonline.com/123a456b-7c89-0d1e-234f-g5h678901ijk/oauth2/v2.0/token |
Token endpoint config | Use this field set to configure token endpoint parameters as necessary for the account. This field set comprises the following fields:
Click the + or - icons to respectively add or remove configuration rows. Required Token endpoint parameters Provide values at least to the parameters scope and redirect_uri, in this field set. | |||
Token endpoint parameter | String | Provide the name for the token endpoint parameter. | N/A | scope |
Token endpoint parameter value | String | Provide the value for the parameter, typically the default scope or a redirect_uri. See Scopes and Permissions Required for Teams API. | N/A | offline_access Channel.ReadBasic.All ChannelMessage.Send ChannelMember.ReadWrite.All Channel.Create Group.ReadWrite.All GroupMember.ReadWrite.All TeamMember.ReadWrite.All Team.ReadBasic.All User.Read.All |
| Auth endpoint config | Use this field set to configure auth endpoint parameters as necessary for the account. This field set comprises the following fields:
Click the + or - icons to respectively add or remove configuration rows. Required Token endpoint parameters Provide values at least to the parameters scope and redirect_uri, in this field set. | |||
| Auth endpoint parameter | String | Provide the name for the auth endpoint parameter. | N/A | scope |
| Auth endpoint parameter value | String | Provide the value for the parameter, typically the default scope or a redirect_uri. See Scopes and Permissions Required for Teams API. | N/A | offline_access Channel.ReadBasic.All ChannelMessage.Send ChannelMember.ReadWrite.All Channel.Create Group.ReadWrite.All GroupMember.ReadWrite.All TeamMember.ReadWrite.All Team.ReadBasic.All User.Read.All |
| Auto-refresh token | Checkbox | Select this to refresh the access token automatically. | Not selected | Selected |
| Authorize | Button | Click this button to acquire the required permissions for this account from the Azure portal app, when creating an account. For existing accounts, you can click this button to re-acquire the permissions to ensure that the account works as expected. This action does not require or result in any changes to the Access Token that is already generated. | N/A | N/A |
| Refresh | Button | Click this button to refresh the access token using the refresh token. | N/A | N/A |
