Customer Integration for Microsoft Teams
- This article outlines the first step for configuring integration between Microsoft Teams and Risk Cloud.
Login to https://portal.azure.com/#home with a user that has either the Global Administrator role or Privileged Role Administrator, User Administrator, Privileged Authentication Administrator, or License Administrator roles:
- It is strongly recommended to have a Global Administrator perform this setup
1. Click the "View" button under "Manage Azure Active Directory."
2. Click on "App registrations" on the left-hand side of the "Overview" screen.
3. Click "+ New Registration" near the top of the "App registrations" screen.
4. Give the new application a name, and be sure to have "Accounts in this organizational directory only" selected.
5. Click the "Register" button
6. You should be presented with a screen similar to the image below. Take note of the "client" and "tenant" IDs. We will need to save this information to be stored in the RiskCloud.
7. Click on "API permissions" on the left-hand side.
8. Click on "Add a permission" and add all of the following permissions:
9. Once added, click "Grant admin consent for…".
10. Click on "Authentication" on the left-hand side of the screen.
12. Set "Allow public client flows" to "Yes" under the "Advanced settings" section
13. Click on "Home" in the top left of the screen, and then "View" under "Manage Azure Active Directory."
14. Click on "Users" on the left-hand side of the "Overview" screen.
15. Click "+ New user" and then "Create new user."
- Create this user as any other user in the system. This will ensure proper functionality of the integration.
- Be sure to take note of the username. This information will be stored in the RiskCloud
- The password you create here will be temporary. We will reset this password next
- If the organization has MFA enabled, "Per-user MFA" can be configured on this screen. Be sure to turn it off for this new user
- Ensure that you have assigned the proper Group memberships and Licenses to this user, as you would set up any other user. Pay special attention to which Group memberships are assigned, as the user for the integration will only be able to message Channels and Members of those groups.
16. Once you have the username and password for this new user. Log out of the Azure portal and attempt to login to https://www.office.com/?auth=2 with this user in an Incognito tab (a "private" tab in your browser). You should be asked to reset your password. This password will be the new permanent password and should be strong.
17. Take note of your username and your new, permanent password. This information will be stored in the RiskCloud.
Once this user is created, you can configure the integration in Risk Cloud.