From ICIHelp8.2
Jump to: navigation, search
Line 24: Line 24:
 
'''2. ICI UI application (app registration) on Azure portal requires the following Microsoft Graph delegated API permission with Admin consent.'''
 
'''2. ICI UI application (app registration) on Azure portal requires the following Microsoft Graph delegated API permission with Admin consent.'''
  
'''[[File:8.1 Configure Teams 1.PNG|620px]]<br/> [[File:8.1 Configure Teams 2.PNG|620px]]<br/> [[File:8.1 Configure Teams 3.PNG|620px]]'''
+
'''[[File:8.1 Configure Teams 1.PNG|620px|8.1 Configure Teams 1.PNG]]<br/> [[File:8.1 Configure Teams 2.PNG|620px|8.1 Configure Teams 2.PNG]]<br/> [[File:8.1 Configure Teams 3.PNG|620px|8.1 Configure Teams 3.PNG]]'''
  
 
'''3. Create a new or update existing ICI UI Application:''' Clients who are updating the existing ICI UI app can skip points '''‘a’''' to '''‘d’''' and directly open the existing ICI UI app on Azure portal and start with point '''‘e’.'''
 
'''3. Create a new or update existing ICI UI Application:''' Clients who are updating the existing ICI UI app can skip points '''‘a’''' to '''‘d’''' and directly open the existing ICI UI app on Azure portal and start with point '''‘e’.'''
Line 35: Line 35:
 
#Select the '''Supported account types''' for your application. Select Accounts in this organizational directory only (ABC only - Single tenant).  
 
#Select the '''Supported account types''' for your application. Select Accounts in this organizational directory only (ABC only - Single tenant).  
 
#For the '''Redirect URI:''' <ol style="list-style-type:lower-alpha;">
 
#For the '''Redirect URI:''' <ol style="list-style-type:lower-alpha;">
<li>Select '''Web'''.</li>
 
<li>Set the URL to (''ICI UI Application URL'')</li>
 
 
</ol>  </ol>
 
</ol>  </ol>
  
 +
*Select '''Web'''.
 +
*Set the URL to (''ICI UI Application URL'')
 +
*#Go to ‘'''App Registrations'''’ under ‘'''Azure Active Directory'''’ on Azure portal and on the right panel, click ‘'''New registration’''' tab. <ol style="list-style-type:lower-roman;">
 +
</ol>  </ol>  <li>
 
[https://{{your-tenant-name}}.icertis.com https://{{your-tenant-name}}.icertis.com]
 
[https://{{your-tenant-name}}.icertis.com https://{{your-tenant-name}}.icertis.com]
  
Line 52: Line 54:
 
<li>Select '''Add'''.</li>
 
<li>Select '''Add'''.</li>
 
<li>Before leaving this page, '''record the secret'''.</li>
 
<li>Before leaving this page, '''record the secret'''.</li>
</ol>
+
</ol>  
 
+
 
e.&nbsp;In the left panel, select ‘API permissions’ to add certain delegated permission for your UI application.
 
e.&nbsp;In the left panel, select ‘API permissions’ to add certain delegated permission for your UI application.
 
<ol style="list-style-type:lower-roman;">
 
<ol style="list-style-type:lower-roman;">
Line 60: Line 61:
 
<li>Select ‘Delegated permissions’.</li>
 
<li>Select ‘Delegated permissions’.</li>
 
<li>Now select the following permission (''please find more information on usage of every API permission under ‘'''Section B.2'''’'')</li>
 
<li>Now select the following permission (''please find more information on usage of every API permission under ‘'''Section B.2'''’'')</li>
</ol>
+
</ol>  
 
+
 
#AppCatalog.Read.All  
 
#AppCatalog.Read.All  
 
#Channel.Create  
 
#Channel.Create  
Line 71: Line 71:
 
#TeamsAppInstallation.ReadWriteForTeam  
 
#TeamsAppInstallation.ReadWriteForTeam  
 
#User.Read  
 
#User.Read  
#User.ReadBasic.All  
+
#User.ReadBasic.All
 
+
 
f.&nbsp;Copy and save the following information to a file:
 
f.&nbsp;Copy and save the following information to a file:
 
<ol style="list-style-type:lower-roman;">
 
<ol style="list-style-type:lower-roman;">
 
<li>The '''Application (client) ID''' value. You'll use this value later as the ''Client ID'' when you register this Azure identity application with your bot.</li>
 
<li>The '''Application (client) ID''' value. You'll use this value later as the ''Client ID'' when you register this Azure identity application with your bot.</li>
 
<li>The '''Directory (tenant) ID''' value. You'll also use this value later as the ''Tenant ID'' to register this Azure identity application with your bot.</li>
 
<li>The '''Directory (tenant) ID''' value. You'll also use this value later as the ''Tenant ID'' to register this Azure identity application with your bot.</li>
</ol>
+
</ol>  
 
+
 
g. With respect to the newly created or modified ICI API app, you are required to share the following with Icertis (''to be able to enable ICI integration with Microsoft Teams'').
 
g. With respect to the newly created or modified ICI API app, you are required to share the following with Icertis (''to be able to enable ICI integration with Microsoft Teams'').
 
<ol style="list-style-type:lower-roman;">
 
<ol style="list-style-type:lower-roman;">
Line 85: Line 83:
 
<li>Client Secret '''[Copy value to E.3]'''</li>
 
<li>Client Secret '''[Copy value to E.3]'''</li>
 
<li>(ICI UI) Redirect URI</li>
 
<li>(ICI UI) Redirect URI</li>
</ol>
+
</ol>  
 
+
 
== Azure Portal Configuration for ICI API Application ==
 
== Azure Portal Configuration for ICI API Application ==
  
Line 99: Line 96:
 
<li>Set the URL to [https://token.botframework.com/.auth/web/redirect '''https://token.botframework.com/.auth/web/redirect'''] (''required to authenticate the Icertis Teamworks App'')</li>
 
<li>Set the URL to [https://token.botframework.com/.auth/web/redirect '''https://token.botframework.com/.auth/web/redirect'''] (''required to authenticate the Icertis Teamworks App'')</li>
 
</ol> </li>
 
</ol> </li>
</ol>
+
</ol>  
 
+
 
'''2.&nbsp;''''''ICI API application (app registration) on Azure portal requires the following Microsoft Graph delegated API permission with Admin consent.'''
 
'''2.&nbsp;''''''ICI API application (app registration) on Azure portal requires the following Microsoft Graph delegated API permission with Admin consent.'''
  
'''[[File:8.1 Configure Teams 4.PNG|620px]]'''
+
'''[[File:8.1 Configure Teams 4.PNG|620px|8.1 Configure Teams 4.PNG]]'''
  
 
'''3. Create a new ICI API Application: '''We need an identity provider that can be used for authentication of ICI API & ‘Icertis Teamworks’ (Microsoft Teams) app. For clients who are updating the existing ICI API app can skip points '''‘a’''' to '''‘d’''' and directly open the existing ICI API app on Azure portal and start with point '''‘e’.'''
 
'''3. Create a new ICI API Application: '''We need an identity provider that can be used for authentication of ICI API & ‘Icertis Teamworks’ (Microsoft Teams) app. For clients who are updating the existing ICI API app can skip points '''‘a’''' to '''‘d’''' and directly open the existing ICI API app on Azure portal and start with point '''‘e’.'''
  
 
&nbsp;
 
&nbsp;
 
+
</li>
#Go to ‘'''App Registrations'''’ under ‘'''Azure Active Directory'''’ on Azure portal and on the right panel, click ‘'''New registration’''' tab. <ol style="list-style-type:lower-roman;">
+
 
<li>You'll be asked to provide the following information:  
 
<li>You'll be asked to provide the following information:  
 +
#
 
#*'''Name'''. Enter the name for the application  
 
#*'''Name'''. Enter the name for the application  
 
#*Select the '''Supported account types''' for your application. Select Accounts in this organizational directory only (ABC only - Single tenant).  
 
#*Select the '''Supported account types''' for your application. Select Accounts in this organizational directory only (ABC only - Single tenant).  
 
#*For the '''Redirect URI''' <ol style="list-style-type:lower-alpha;">
 
#*For the '''Redirect URI''' <ol style="list-style-type:lower-alpha;">
 +
</ol>  </ul>  </ol> </li>
 
<li>Select '''Web'''.</li>
 
<li>Select '''Web'''.</li>
 
<li>Set the URL to (''ICI Application API URL'') <ol style="list-style-type:lower-roman;">
 
<li>Set the URL to (''ICI Application API URL'') <ol style="list-style-type:lower-roman;">
 
<li>'''Error! Hyperlink reference not valid.'''</li>
 
<li>'''Error! Hyperlink reference not valid.'''</li>
 
</ol> </li>
 
</ol> </li>
</ol>  </ul> </li>
+
<li>Click on '''Register'''</li>
</ol>  <li>Click on '''Register'''</li>
+
 
<li>Once it is created, Azure displays the '''Overview''' page for the app.</li>
 
<li>Once it is created, Azure displays the '''Overview''' page for the app.</li>
 
<li>In the left panel, select Certificates & secrets to create a client secret for your application. <ol style="list-style-type:lower-roman;">
 
<li>In the left panel, select Certificates & secrets to create a client secret for your application. <ol style="list-style-type:lower-roman;">
Line 141: Line 137:
 
*User.Read  </li>
 
*User.Read  </li>
 
</li>
 
</li>
 +
  
 
#Copy and save the following information to a file: <ol style="list-style-type:lower-roman;">
 
#Copy and save the following information to a file: <ol style="list-style-type:lower-roman;">
<li>The '''Application (client) ID''' value. You'll use this value later as the ''Client ID'' when you register this Azure identity application with your bot.</li>
+
</ol> </ol>
<li>The '''Directory (tenant) ID''' value. You'll also use this value later as the ''Tenant ID'' to register this Azure identity application with your bot.</li>
+
 
</ol>  <li>Click on '''Overview''' in the left panel. In the right panel on the top click on ‘Endpoints’ (We need to record/copy a few values for the next step: Bot channel Authentication mechanism '''Step F''') <ol style="list-style-type:lower-roman;">
+
*The '''Application (client) ID''' value. You'll use this value later as the ''Client ID'' when you register this Azure identity application with your bot.  
 +
*The '''Directory (tenant) ID''' value. You'll also use this value later as the ''Tenant ID'' to register this Azure identity application with your bot.  
 +
*Click on '''Overview''' in the left panel. In the right panel on the top click on ‘Endpoints’ (We need to record/copy a few values for the next step: Bot channel Authentication mechanism '''Step F''') <ol style="list-style-type:lower-roman;">
 
<li>Copy and record '''OAuth 2.0 authorization endpoint (v2)''' value.</li>
 
<li>Copy and record '''OAuth 2.0 authorization endpoint (v2)''' value.</li>
 
<li>Copy and record '''OAuth 2.0 token endpoint (v2)''' value.</li>
 
<li>Copy and record '''OAuth 2.0 token endpoint (v2)''' value.</li>
</ol> </li>
+
</ol> <li>Click on '''Expose an API, '''copy the '''scope''' value that you have added.</li>
<li>Click on '''Expose an API, '''copy the '''scope''' value that you have added.</li>
+
 
<li>With respect to the newly created or modified ICI API app, you are required to share the following with Icertis (''to be able to enable ICI integration with Microsoft Teams''). <ol style="list-style-type:lower-roman;">
 
<li>With respect to the newly created or modified ICI API app, you are required to share the following with Icertis (''to be able to enable ICI integration with Microsoft Teams''). <ol style="list-style-type:lower-roman;">
 
<li>Application ID (Client ID) '''[Copy value to E.4]'''</li>
 
<li>Application ID (Client ID) '''[Copy value to E.4]'''</li>
Line 158: Line 156:
 
<li>Scope (defined under section B.3.i) '''[Copy value to E.6]'''</li>
 
<li>Scope (defined under section B.3.i) '''[Copy value to E.6]'''</li>
 
</ol> </li>
 
</ol> </li>
</ol>
+
</ul>
 +
 
 +
== Azure Portal Configuration for Microsoft Teams App ==
 +
 
 +
1.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Under ‘'''Azure Active Directory'''’, click on ‘'''App registrations'''’.&nbsp;
 +
 
 +
2.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Click the '''New registration''' tab on the top left.&nbsp;
 +
 
 +
3.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Enter the name of the bot application you are registering. You need to select your own unique name.&nbsp;
 +
 
 +
4.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For the Supported account types select '''Accounts in any organizational directory (Any Azure AD directory - Multitenant)'''&nbsp;
 +
 
 +
5.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Click the Register button. Once completed, Azure displays the Overview page for the application.&nbsp;
 +
 
 +
6.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Copy and save to a file the '''Application (client) ID''' & '''Directory (tenant) ID''' value.&nbsp;
 +
 
 +
7.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; In the left panel, click '''Certificate and secrets'''.&nbsp;
 +
 
 +
8.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Under Client secrets, click '''New client secret'''.&nbsp;
 +
 
 +
9.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Add a description to identify this secret from others you might need to create for this app.&nbsp;
 +
 
 +
10.&nbsp;&nbsp; Set Expires to your selection.&nbsp;
 +
 
 +
11.&nbsp;&nbsp; Click Add.&nbsp;
 +
 
 +
12.&nbsp;&nbsp; Copy the client secret and save it to a file.&nbsp;
 +
 
 +
13.&nbsp;&nbsp; With respect to the newly created Bot app, you are required to share the following with Icertis (''to be able to enable ICI integration with Microsoft Teams'').&nbsp;
 +
 
 +
a.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Application ID (Client ID) '''[Copy value to E.9]'''&nbsp;&nbsp;
 +
 
 +
b.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Client Secret '''[Copy value to E.10]'''&nbsp;
 +
 
 +
== Icertis Configuration Sheet ==
 +
<div class="note-box" style="margin-left: 0.25in;">Note: Based upon the app’s created/modified in the previous 3 sections please update the value column below. In every section which value that is top be copied to respected row in below table is mentioned above and highlighted in '''yellow'''.</div>
 +
[[File:8.1 Configure Teams 5.PNG|620px]]
 +
 
 +
== Upload & Approval Process for new Icertis Teamworks app in Microsoft Teams admin center ==
 +
 
 +
#Go to URL [https://admin.teams.microsoft.com/ '''https://admin.teams.microsoft.com/'''] & login to the ‘'''Microsoft Teams admin center'''’.
 +
<div class="image-green-border">[[File:8.1 Configure Teams 6.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">2.&nbsp;In the left panel expand ‘'''Teams apps'''’ section.</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 7.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">3. Click on ‘'''Manage apps'''’</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 8.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">4.&nbsp;In the right panel under ‘Manage apps’ click on ‘'''+ Upload'''’ link</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 9.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 10.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">5.&nbsp;Clicking the ‘'''Upload'''’ button will open a file selection window. Go to the location where the ‘'''manifest.zip'''’ file shared by Icertis is stored. Select the ‘manifest.zip’ file and click ‘Open’.</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 11.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">6. The app should be submitted to the app catalog and its ‘'''Publishing Status'''’ status should be ‘'''Published'''’. You can search for the app by typing the app name i.e., ‘Icertis Teamworks’ as shown below,</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 12.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">7.&nbsp;The ‘Icertis Teamworks’ app should now be visible under the ‘Build for your org’ under App section in ‘Microsoft Teams’</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">[[File:8.1 Configure Teams 13.png|720px]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">
 +
'''If the ‘Icertis Teamworks’ app is not in ‘Published’ state as after following the steps stated in the previous section, then you will be required to manually publish/approve the app by performing the subsequent steps:'''
 +
 
 +
&nbsp;
 +
</div> <div class="image-green-border">&nbsp;</div>

Revision as of 08:55, 26 May 2022

Configuring MS Teams with ICI

To enable this capability, you (client) can make use of the existing ICI UI and API apps (App Registrations) or create 2 new apps for the same on Azure portal. Further we are going to provide certain API Permissions to these apps for interacting with Microsoft Teams to create new teams, channel, add team members to a team, add file and so on.

In case you are using a different identity provider like Okta, Ping Identity then all the internal ICI users are required to be part of the Azure Ad for this integration to work.

With the help of the following sections, you can create/edit the ICI UI and API apps (App Registrations), add URL redirects, provide API permissions etc.

Azure Portal Configuration for ICI UI Application

1. ICI UI Application (API Permissions)

  1. Clients with different identity provider (for example, Okta or Ping Identity) must create a new ICI UI app registration and provide the required API permissions (listed under Section B.3) on their Azure portal.
  2. Clients with Azure AD will have to provide the required API permission (listed under Section B.2) to the existing ICI UI app registration on Azure portal.
  3. In both the above scenarios the following details with respect to the newly created or modified app are required to be shared with Icertis (to be able to enable ICI integration with Microsoft Teams).
  • Directory ID (Tenant ID)
  • Application ID (Client ID)
  • Client Secret
  • (ICI UI) Redirect URI

2. ICI UI application (app registration) on Azure portal requires the following Microsoft Graph delegated API permission with Admin consent.

8.1 Configure Teams 1.PNG
8.1 Configure Teams 2.PNG
8.1 Configure Teams 3.PNG

3. Create a new or update existing ICI UI Application: Clients who are updating the existing ICI UI app can skip points ‘a’ to ‘d’ and directly open the existing ICI UI app on Azure portal and start with point ‘e’.

a. Go to ‘App Registrations’ under ‘Azure Active Directory’ on Azure portal and on the right panel, click ‘New registration’ tab.

             i. Provide the following information:      

  1. Name: Enter the name for the application
  2. Select the Supported account types for your application. Select Accounts in this organizational directory only (ABC only - Single tenant).
  3. For the Redirect URI:
    </ol>
    • Select Web.
    • Set the URL to (ICI UI Application URL)
      1. Go to ‘App Registrations’ under ‘Azure Active Directory’ on Azure portal and on the right panel, click ‘New registration’ tab.
      </ol>
    • [https://Template:Your-tenant-name.icertis.com https://Template:Your-tenant-name.icertis.com]

      b. Click Register

      c. Once it is created, Azure displays the Overview page for the app.

      d. In the left panel, select Certificates & secrets to create a client secret for your application.

      1. Under Client secrets, select ➕ New client secret.
      2. Add a description to identify this secret from others.
      3. Set Expires to your selection.
      4. Select Add.
      5. Before leaving this page, record the secret.

      e. In the left panel, select ‘API permissions’ to add certain delegated permission for your UI application.

      1. Click ‘Add a permission’.
      2. Under ‘Microsoft APIs’ select ‘Microsoft Graph’.
      3. Select ‘Delegated permissions’.
      4. Now select the following permission (please find more information on usage of every API permission under ‘Section B.2)
      1. AppCatalog.Read.All
      2. Channel.Create
      3. Files.ReadWrite.All
      4. Group.ReadWrite.All
      5. Team.Create
      6. Team.ReadBasic.All
      7. TeamMember.ReadWrite.All
      8. TeamsAppInstallation.ReadWriteForTeam
      9. User.Read
      10. User.ReadBasic.All

      f. Copy and save the following information to a file:

      1. The Application (client) ID value. You'll use this value later as the Client ID when you register this Azure identity application with your bot.
      2. The Directory (tenant) ID value. You'll also use this value later as the Tenant ID to register this Azure identity application with your bot.

      g. With respect to the newly created or modified ICI API app, you are required to share the following with Icertis (to be able to enable ICI integration with Microsoft Teams).

      1. Directory ID (Tenant ID) [Copy value to E.1]
      2. Application ID (Client ID) [Copy value to E.2]
      3. Client Secret [Copy value to E.3]
      4. (ICI UI) Redirect URI

      Azure Portal Configuration for ICI API Application

      1. ICI API Application (API Permissions)

      1. Clients with different identity provider (for example, Okta or Ping Identity) must create a new ICI API app registration and provide the required API permissions (listed below) on their Azure portal.
      2. Clients with Azure AD will have to provide the required API permission to the existing ICI API app registration on Azure portal.
      3. For those customers who do not have an existing ICI API application, are required to create a new app registration by following the steps mentioned under Section C.3.
      4. For clients with existing ICI API application, an additional ‘Redirect URI’ is required to be added:
        1. In the ICI API application go to ‘Authentication’ under ‘Manage
        2. For the Redirect URI, click ‘Add URI
        3. Set the URL to https://token.botframework.com/.auth/web/redirect (required to authenticate the Icertis Teamworks App)

      '2. 'ICI API application (app registration) on Azure portal requires the following Microsoft Graph delegated API permission with Admin consent.

      8.1 Configure Teams 4.PNG

      3. Create a new ICI API Application: We need an identity provider that can be used for authentication of ICI API & ‘Icertis Teamworks’ (Microsoft Teams) app. For clients who are updating the existing ICI API app can skip points ‘a’ to ‘d’ and directly open the existing ICI API app on Azure portal and start with point ‘e’.

       

    • You'll be asked to provide the following information:
        • Name. Enter the name for the application
        • Select the Supported account types for your application. Select Accounts in this organizational directory only (ABC only - Single tenant).
        • For the Redirect URI
        </ul> </ol>
      1. Select Web.
      2. Set the URL to (ICI Application API URL)
        1. Error! Hyperlink reference not valid.
      3. Click on Register
      4. Once it is created, Azure displays the Overview page for the app.
      5. In the left panel, select Certificates & secrets to create a client secret for your application.
        1. Under Client secrets, select ➕ New client secret.
        2. Add a description to identify this secret from others.
        3. Set Expires to your selection.
        4. Select Add.
        5. Before leaving this page, record the secret.
      6. In the left panel, select ‘Authentication’ under ‘Manage
        1. For the Redirect URI, click ‘Add URI
        2. Add a new redirect URL i.e.,  https://token.botframework.com/.auth/web/redirect (required to authenticate the Icertis Teamworks App)
        3. Click on Save
      7. In the left panel, select ‘API permissions’ to add certain delegated permission for your UI application.
        1. Click ‘Add a permission’.
        2. Under ‘Microsoft APIs’ select ‘Microsoft Graph’.
        3. Select ‘Delegated permissions’.
        4. Now select the following permission (please find more information on usage of every API permission under ‘Section C.2)
          • Files.ReadWrite.All
          • User.Read

          1. Copy and save the following information to a file:
          • The Application (client) ID value. You'll use this value later as the Client ID when you register this Azure identity application with your bot.
          • The Directory (tenant) ID value. You'll also use this value later as the Tenant ID to register this Azure identity application with your bot.
          • Click on Overview in the left panel. In the right panel on the top click on ‘Endpoints’ (We need to record/copy a few values for the next step: Bot channel Authentication mechanism Step F)
          • Copy and record OAuth 2.0 authorization endpoint (v2) value.
          • Copy and record OAuth 2.0 token endpoint (v2) value.
          • Click on Expose an API, copy the scope value that you have added.
          • With respect to the newly created or modified ICI API app, you are required to share the following with Icertis (to be able to enable ICI integration with Microsoft Teams).
            1. Application ID (Client ID) [Copy value to E.4]
            2. Client Secret [Copy value to E.5]
            3. (ICI API) Redirect URI
            4. OAuth 2.0 authorization endpoint (v2) [Copy value to E.7]
            5. OAuth 2.0 token endpoint (v2) [Copy value to E.8]
            6. Scope (defined under section B.3.i) [Copy value to E.6]
          • </ul>

            Azure Portal Configuration for Microsoft Teams App

            1.      Under ‘Azure Active Directory’, click on ‘App registrations’. 

            2.      Click the New registration tab on the top left. 

            3.      Enter the name of the bot application you are registering. You need to select your own unique name. 

            4.      For the Supported account types select Accounts in any organizational directory (Any Azure AD directory - Multitenant) 

            5.      Click the Register button. Once completed, Azure displays the Overview page for the application. 

            6.      Copy and save to a file the Application (client) ID & Directory (tenant) ID value. 

            7.      In the left panel, click Certificate and secrets

            8.      Under Client secrets, click New client secret

            9.      Add a description to identify this secret from others you might need to create for this app. 

            10.   Set Expires to your selection. 

            11.   Click Add. 

            12.   Copy the client secret and save it to a file. 

            13.   With respect to the newly created Bot app, you are required to share the following with Icertis (to be able to enable ICI integration with Microsoft Teams). 

            a.      Application ID (Client ID) [Copy value to E.9]  

            b.      Client Secret [Copy value to E.10] 

            Icertis Configuration Sheet

            Note: Based upon the app’s created/modified in the previous 3 sections please update the value column below. In every section which value that is top be copied to respected row in below table is mentioned above and highlighted in yellow.

            8.1 Configure Teams 5.PNG

            Upload & Approval Process for new Icertis Teamworks app in Microsoft Teams admin center

            1. Go to URL https://admin.teams.microsoft.com/ & login to the ‘Microsoft Teams admin center’.
            8.1 Configure Teams 6.png
             
            2. In the left panel expand ‘Teams apps’ section.
             
            8.1 Configure Teams 7.png
             
            3. Click on ‘Manage apps
             
            8.1 Configure Teams 8.png
             
            4. In the right panel under ‘Manage apps’ click on ‘+ Upload’ link
             
            8.1 Configure Teams 9.png
             
            8.1 Configure Teams 10.png
             
            5. Clicking the ‘Upload’ button will open a file selection window. Go to the location where the ‘manifest.zip’ file shared by Icertis is stored. Select the ‘manifest.zip’ file and click ‘Open’.
             
            8.1 Configure Teams 11.png
             
            6. The app should be submitted to the app catalog and its ‘Publishing Status’ status should be ‘Published’. You can search for the app by typing the app name i.e., ‘Icertis Teamworks’ as shown below,
             
            8.1 Configure Teams 12.png
             
            7. The ‘Icertis Teamworks’ app should now be visible under the ‘Build for your org’ under App section in ‘Microsoft Teams’
             
            8.1 Configure Teams 13.png
             
             

            If the ‘Icertis Teamworks’ app is not in ‘Published’ state as after following the steps stated in the previous section, then you will be required to manually publish/approve the app by performing the subsequent steps: