Microsoft Teams Connector: Azure App with Delegated Permissions

Index user is able to fetch documents and messages from teams he is a member of.

In order to fetch all documents and messages index user has to be added to all teams by a global administrator.

• Manually by navigating to Microsoft Teams admin center
  • Navigate to Teams and select Manage teams
    • For each team, select a team name, navigate to Members and click +Add Members
• Programmatically using  msteams_adduser_to_all_teams.ps1 - simple PowerShell script, which will read all teams and add an index user to each of them. It may take time until changes made by the script will be triggered.  (Important note: Microsoft Teams PowerShell module and global admin credentials are required.)

Step 1 - Go to Azure Portal

• Go to https://portal.azure.com
• Log-in with an Azure user that has the Application Administrator role.
• Select "Azure Active Directory"

Step 2 - Go to App Registration

• Select App registrations

• Select "New registration"

Step 3 - Create New Application

• Type in the name, e.g. "Ayfie".
• Select Accounts in this organizational directory as Supported account types
• Select application type: "Public Client (mobile & desktop)".

Step 4 - Set Required Permissions

• Please select API permissions tab → Add a permission → Microsoft Graph

• Please chose delegated permissions

Please select following delegated permissions: 

• Group.Read.All

• User.Read.All
• User.Read

• Files.Read
• Files.Read.All

• Sites.Read.All

Finally, grant admin consent

Step 5 - Modify Manifest

• Go to Manifest
• In the manifest editor, set the allowPublicClient property to true

Step 6 - Application ID

Take notes of the "Application ID". This is the "Client ID" you'll be using in the management console.

Index User

Please make sure that the Index user has been activated.

In order to active the user log in to the https://teams.microsoft.com/ using index user credentials.