apunkt/SurfSense
1
0
Fork 0
mirror of https://github.com/MODSetter/SurfSense.git synced 2026-04-26 01:06:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
SurfSense/surfsense_web/content/docs/connectors/microsoft-teams.mdx

120 lines
4.4 KiB
Text
Raw Blame History

---
title: Microsoft Teams
description: Connect your Microsoft Teams to SurfSense
---
# Microsoft Teams OAuth Integration Setup Guide
This guide walks you through setting up a Microsoft Teams OAuth integration for SurfSense using Azure App Registration.
<Callout type="info">
Microsoft Teams and [Microsoft OneDrive](/docs/connectors/microsoft-onedrive) share the same Azure App Registration. If you have already created an app for OneDrive, you can reuse the same Client ID and Client Secret. Just make sure both redirect URIs are added (see Step 3).
</Callout>
## Step 1: Access Azure App Registrations
1. Navigate to [portal.azure.com](https://portal.azure.com)
2. In the search bar, type **"app reg"**
3. Select **"App registrations"** from the Services results
![Azure Portal Search](/docs/connectors/microsoft-teams/azure-search-app-reg.png)
## Step 2: Create New Registration
1. On the **App registrations** page, click **"+ New registration"**
![App Registrations Page](/docs/connectors/microsoft-teams/azure-app-registrations.png)
## Step 3: Register the Application
Fill in the application details:
| Field | Value |
|-------|-------|
| **Name** | `SurfSense` |
| **Supported account types** | Select **"Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts"** |
| **Redirect URI** | Platform: `Web`, URI: `http://localhost:8000/api/v1/auth/teams/connector/callback` |
Click **"Register"**
After registration, add the OneDrive redirect URI as well:
1. Go to **Authentication** in the left sidebar
2. Under **Platform configurations** > **Web** > **Redirect URIs**, click **Add URI**
3. Add: `http://localhost:8000/api/v1/auth/onedrive/connector/callback`
4. Click **Save**
![Register Application Form](/docs/connectors/microsoft-teams/azure-register-app.png)
## Step 4: Get Application (Client) ID
After registration, you will be taken to the app's **Overview** page. Here you will find:
1. Copy the **Application (client) ID** - this is your Client ID
2. Note the **Directory (tenant) ID** if needed
![Application Overview](/docs/connectors/microsoft-teams/azure-app-overview.png)
## Step 5: Create Client Secret
1. In the left sidebar under **Manage**, click **"Certificates & secrets"**
2. Select the **"Client secrets"** tab
3. Click **"+ New client secret"**
4. Enter a description (e.g., `SurfSense`) and select an expiration period
5. Click **"Add"**
![Certificates & Secrets - Empty](/docs/connectors/microsoft-teams/azure-certificates-empty.png)
6. **Important**: Copy the secret **Value** immediately. It will not be shown again!
![Certificates & Secrets - Created](/docs/connectors/microsoft-teams/azure-certificates-created.png)
<Callout type="warn">
Never share your client secret publicly or include it in code repositories.
</Callout>
## Step 6: Configure API Permissions
1. In the left sidebar under **Manage**, click **"API permissions"**
2. Click **"+ Add a permission"**
3. Select **"Microsoft Graph"**
4. Select **"Delegated permissions"**
5. Add the following permissions:
| Permission | Type | Description | Admin Consent |
|------------|------|-------------|---------------|
| `Channel.ReadBasic.All` | Delegated | Read the names and descriptions of channels | No |
| `ChannelMessage.Read.All` | Delegated | Read user channel messages | Yes |
| `offline_access` | Delegated | Maintain access to data you have given it access to | No |
| `Team.ReadBasic.All` | Delegated | Read the names and descriptions of teams | No |
| `User.Read` | Delegated | Sign in and read user profile | No |
6. Click **"Add permissions"**
<Callout type="warn">
The `ChannelMessage.Read.All` permission requires admin consent. An admin will need to click **"Grant admin consent for [Directory]"** for full functionality.
</Callout>
![API Permissions](/docs/connectors/microsoft-teams/azure-api-permissions.png)
---
## Running SurfSense with Microsoft Teams Connector
Add the Microsoft OAuth credentials to your `.env` file (created during [Docker installation](/docs/docker-installation/docker-compose)):
```bash
MICROSOFT_CLIENT_ID=your_microsoft_client_id
MICROSOFT_CLIENT_SECRET=your_microsoft_client_secret
TEAMS_REDIRECT_URI=http://localhost:8000/api/v1/auth/teams/connector/callback
```
<Callout type="info">
The `MICROSOFT_CLIENT_ID` and `MICROSOFT_CLIENT_SECRET` are shared between the Teams and OneDrive connectors. You only need to set them once.
</Callout>
Then restart the services:
```bash
docker compose up -d
```
Reference in a new issue View git blame Copy permalink