Configure Microsoft Teams
This page outlines the steps required to setup Microsoft (MS) Teams as a chat channel for Luma. Please reach out to the Serviceaide support team and raise a support ticket asking them to create the Luma channel connector for MS Teams and provide a package; include your Luma tenant ID in the ticket information. Please also specify name for your bot in MS Teams. This is how users will identify the contact in MS Teams once all the configuration steps are completed. After raising the support ticket, Administrators can complete the setup by following the steps mentioned in this article. Once the setup is complete, users will be able to send and receive messages from Luma using Microsoft Teams.
Note
To configure MS Teams, you must have an account in Microsoft Office 365 portal and Microsoft Teams portal.
The Microsoft Teams Tenant Apps Catalog lets you distribute line-of-business applications that were built specifically for your organization.
Note
You need to be signed in to the Microsoft Teams client with an account that has either the global administrator or Microsoft Teams service administrator role enabled to publish apps for your organization. Learn more about using administrator roles to manage Teams.
Add Organization Domain in Microsoft Teams
To add the organization domain in the Microsoft Teams portal:
- Login to your Microsoft Teams account through the URL https://admin.teams.microsoft.com and click Org-wide settings as shown below.
- Under Org-wide settings, click External access as shown below.
- In External access, add the serviceaide.com domain and click Done. Adding the serviceaide.com domain allows your bot to communicate with the Luma SaaS environment which is on the Serviceaide domain.
Publish apps in the Microsoft Teams Tenant Apps Catalog
To publish apps in the Microsoft Teams Tenant Apps Catalog:
- Start the Microsoft Teams client and sign in using your global or teams service administrator credentials.
- From the Microsoft Teams Store/Apps, select the new section named for your specific organization (in this example, Contoso). Users in your organization can view apps in the catalog and install them for teams of which they are a member.
- From the store/Apps, select Upload a custom app > Upload for Contoso.
Navigate to the app Package and select it, and then click Open.
Note
The package will be specific to your organization and can be requested from support to provide the package for your specific Luma tenant.
When you navigate back to your Tenant Apps Catalog, the new enterprise app appears. Remember, only you and members of your organization have access to this app catalog.
Note
It may take a few hours for the App to appear in the Tenant Apps Catalog.
Once the Custom App appears in the Tenant Apps Catalog, login to your Microsoft Teams account through the URL https://admin.teams.microsoft.com. As an administrator you can configure and manage app permission policies in the Microsoft Teams admin center. You can apply organization-wide settings, use the global (organization-wide default) policy, and create and assign custom policies to individual users or users in a group.
Note
Users in your organization will automatically get the global policy unless you create and assign a custom policy. Org-wide app settings override the global policy and any custom policies that you create and assign to users.
- On the Global app permission policies page, click Org-wide app settings to configure the required settings.
- Under Third-party apps, adjust the following settings to control the access to third-party apps:
- Allow third-party or custom apps in Teams: This controls whether users can use third-party or custom apps. This must be turned on for the Luma Custom App to work.
- Allow any new third-party apps published to the store by default: This controls whether new third-party apps that are published to the Teams app store are automatically available in Teams. You can only set this option if you allow third-party apps. This can be turned off and is not required for the Luma Custom App.
- Under Custom apps, turn on Allow interaction with custom apps. This setting controls whether users can interact with custom (sideloaded) apps. Note that this is different from allowing users to upload custom apps. This must be turned on for the Luma Custom App to work.
- Click Save for org-wide app settings to take effect.
- Navigate to Tenant Apps and select the newly loaded custom App to be available for all users in the organization.
Once the App is available in the Tenant, users can search for the custom app as a contact and start a conversation with the Luma bot.
Attachment support on MS Team is only available when package is published in your organisation domain.
Configure a Custom App as a Pinned App
MS Teams administrators can also configure the App to be available as a Pinned App by following the below steps.
You can use the Microsoft Teams admin center to create a custom policy.
- On the left navigation of the Microsoft Teams admin center, go to Teams apps > Setup policies.
- Click Add.
- Enter a name and description for the policy, and then click Add apps.
- Turn on or turn off Allow uploading custom apps, depending on whether you want to let users upload custom apps to Teams. You cannot change this setting if Allow third-party or custom apps is turned off in Org-wide app settings in app permission policies.
- In the Add pinned apps pane, search for your Custom App, and then click Add. You can also filter apps by app permission policy. On selecting your list of apps, click Add.
- Arrange the apps in the order that you want them to appear in Teams, and then click Save.
Custom app policies and settings work together. The following table lists the custom app policy and settings, how they work together, and their combined effect on controlling who in your organization can upload custom apps to Teams.
Org-wide custom app setting | Team custom app setting | User custom app policy | Effect |
---|---|---|---|
Off | Off | Off | Interaction with all custom apps is blocked for your organization. Custom apps cannot be uploaded by anyone. You can use PowerShell to remove the custom app. |
Off | Off | On | Interaction with all custom apps is blocked for your organization. Custom apps cannot be uploaded by anyone. You can use PowerShell to remove the custom app. |
Off | On | Off | Interaction with all custom apps is blocked for your organization. Custom apps cannot be uploaded by anyone. You can use Windows PowerShell to delete custom apps. |
Off | On | On | Interaction with all custom apps is blocked for your organization. Custom apps cannot be uploaded by anyone. You can use PowerShell to remove the custom app. |
On | Off | Off | The user cannot upload custom apps. |
On | Off | On | If the user is a team owner, they can upload custom apps to the team. If the user is not a team owner, they can upload custom apps in the personal context. |
On | On | Off | The user cannot upload custom apps. |
On | On | On |
Enable auto-authentication
Users using MS Teams to communicate with Luma can be auto authenticated using Channel Source Data. Administrators need to follow the below steps to enable auto authentication:
Configuration Changes on Azure Portal
- Login to Azure portal with admin credentials and navigate to Azure Active Directory.
- Click on 'New Registration' to register a new application.
- On 'Register an application' screen, add display name for your application. On Support account types, select 'Accounts in any organizational directory (Any Azure AD Directory - Multitenant)' and click 'Register'.
- A new Application will now be available. System will auto generate Client/Application ID, Directory/Tenant ID and Object ID for the application.
- Next step is to create a new Client Secret Key. Click on 'Certificates & secret'. On 'Certificate & secret' screen, click on 'New Client secret' to generate a new secret key. Add a name to the secret key to identify the key and select Expires ‘Never’. Click 'Add'.
- A new secret key will be auto generated. This secret key will be used in Luma to enable auto authentication. The key would be encrypted later, Copy the key and save it for later use. This ID will be used in Channel configuration setting in Luma.
- Now, navigate to API permissions and click on Add a permission button to request permissions for your application to communicate with Luma.
- On Request API permission screen, Click on Microsoft Graph.
- Click Application permissions,select the below permissions:
a) User.Read
b) Under AccessReview, select AccessReview:Read.All
c) Under Directory, select Directory.Read.All
Click on Add Permissions to update permissions for your app.
- Requested permissions will now appear in the API Permission list. Click 'Grant admin consent ' button.
- System now prompts a message to grant consent for requested permissions. Click Yes to update.
- Once the permissions are added, Success message "Successfully granted admin consent for the requested permissions." will appears.
- Copy the Application Id from Application screen and save it for later use. This ID will be used in Channel configuration setting in Luma.
Configuration Changes in Luma
- Login to Luma with admin credentials and navigate to Tenant Settings.
- On Settings screen→ Manage Channel ID section, select 'MS_Teams' Channel for configuration. Set User attributes to 'channelSourceData'. Add User App id and Secret key copied from Azure portal (in previous steps) and click on Save.
Users will now be auto authenticated using channel specific source data.
To enable attachment support on MS Teams, please contact Serviceaide support team for latest package of Luma Channel Connector for MS Teams. The Package should be republished on MS Teams Portal for your organisation domain.
Once enabled, use Attachment icon to attach a file as user input during skill execution.
© 2019 Serviceaide 1-650-206-8988 http://www.serviceaide.com info@serviceaide.com