Microsoft Teams Graph API Connector

This connector is developed for managing Microsoft Teams membership via MS Graph API You can follow this project on GitHub

This connector is using Microsoft Teams Graph API for communication. For more information about the API capabilities see https://docs.microsoft.com/en-us/graph/overview?view=graph-rest-1.0

Supported operations for USER

• GET detail of user
• GET all users

Supported operations for TEAMS

• GET all teams
• ASSIGN new team to user
• REMOVE team from user

Assigning/removing to teams is done via UUID + role name.

Permissions
Most permission are assigned to the Application(See Configuration section below for more info about App). Because application cannot add guest to team there has to be user that can. For complete info about permissions check official API documentation, where each endpoind has section with required permissions.

• Managing basic users attributes and CRUD - User.ReadWrite.All
• Manage Team membership - TeamMember.ReadWrite.All

Configuration

If you change some configuration you need to perform Test operation so the new config will load into connector and new grapClient instance is created.

• ItemClient ID - UUID of application which you need to create in Azure portal. See https://docs.microsoft.com/en-us/graph/auth-register-app-v2?view=graph-rest-1.0 Created app need these permission Directory.ReadWrite.All and User.ReadWrite.All
• Scopes - Use this value: https://graph.microsoft.com/.default
  * Client secret - On app detail in Azure portal, tab "Certificates & secrets" create new secret.

If you want secret with longer expiration then 2 years use this powershell.

$startDate = Get-Date
$endDate = $startDate.AddYears(10)
$Credential = Get-Credential
Connect-AzureAD -Credential $Credential
$aadAppsecret01 = New-AzureADApplicationPasswordCredential -ObjectId "Object ID na overwiew apliakce" -CustomKeyIdentifier "idm-key" -StartDate $startDate -EndDate $endDate
Write-Host $aadAppsecret01

You will see something like this in console. Use the value from field "Value:"

class PasswordCredential {
  CustomKeyIdentifier: System.Byte[]
  EndDate: 06.05.2031 7:38:47
  KeyId:
  StartDate: 06.05.2021 7:38:47
  Value: VALUE OF YOUR SECRET KEY
}

• Tenant - Tenant UUID

  • National cloud - In which cloud is you tenant located (Global, China, Germany, UsGovernment)
  • Proxy port - If you want to use some proxy set the port otherwise leave the default value (0) and proxy will be ignored
  • Proxy hostname - Proxy hostname
  • Proxy username - Proxy username - fill this if your proxy need authentication
  • Proxy password - Proxy password - fill this if your proxy need authentication
  • Username
  • User password

  Schema

Connector will generate default schema for object class ACCOUNT with two attributes 'Name' and 'memberOf'

Connector will generate default schema for object class GROUP three attributes 'Name', 'displayName' and 'description'