Page Comparison

To use Totara with Microsoft Teams you will need to set up your own app. This page outlined outlines how to create and update your app.

...

1. Log in to your Microsoft account at https://admin.teams.microsoft.com/.
2. Navigate to Teams App > Manage Apps and select Org-wide App settings.
3. Check the Allow third-party apps setting and save.

Image Modified

...

1. In the Authentication blade click Add Platform then select Web.
2. Enter https://[your.totara.site]/admin/oauth2callback.php for the Redirect URI and https://[your.totara.site]/totara/msteams/sso_logout.php for the Logout URL, then Save. If you use a different folder than 'admin', use that one instead.
3. Add one more Redirect URI: https://[your.totara.site]/totara/msteams/oidc_login.php then Save.
4. In the Expose an API blade click Add Scope and enter api://[your.totara.domain]/[Application (client) ID], then select Save. This will be used in the Totara integration settings, but is only necessary if you require Single Sign-On.
5. Enter the following scope properties:
   • Scope name: 'access_as_user'
   • Who can consent: Admin and user
   • Admin consent display name: 'Teams can access the user's profile'
   • Admin consent description: 'Allows Teams to call the app's web APIs as the current user.'
   • User consent display name: 'Teams can access your user profile and make requests on your behalf'
   • User consent description: 'Enable Teams to call this app's APIs with the same rights that you have.'
   • State: Enabled
6. Click Add a client application.
7. Add Teams desktop/native client: 1fec8e78-bce4-4aaf-ab1b-5451cc387264 and Add Teams web client: 5e3ce6c0-2b1f-4285-8d4b-75ee78787346.
8. In the API permissions blade click Add permission and select the following permissions under Microsoft Graph > Delegated permissions:
   • email
   • offline_access
   • openid
   • profile
   • User > User.Read
9. Save your selection and click and confirm Grant admin consent for [tenant name].
10. In Certificates & Secrets blade click New client secret.
11. Give it a Name, choose the Expiration period and Save.
12. Make a note of the Client Secret value, as this will be required later in the process.

Step 3: Create a Bot in Azure (optional)

...

1. Log in to Microsoft Azure at https://portal.azure.com/.
2. Navigate to Applied AI services > Bot services.
3. Click Create, then scroll down and click Load more, then select Azure Bot.
4. Click Create and complete the form with the following details:
   • Bot Handle: Any unique handle of your choice
   • Subscription: Select your existing subscription
   • Resource group: Select an existing group or create a new one
   • Location: For new resource groups select the location of your choice (choose somewhere close to your server)
   • Pricing tier: Click change plan and select the F0 (free) tier
   • Microsoft App ID:
     • For Type of App select Multi Tenant
     • For Creation Type select Create new Microsoft App ID
   • Click Review and Create, then Create, then Go to resource
5. You can optionally personalise the icon and name for the bot under Settings > Bot Profile > Icon & Display Name.
6. Under Settings > Configuration enter:
   • Messaging endpoint: https://[your.totara.site]/totara/msteams/botindex.php, then click Apply.
7. Under Settings > Channelsclick Microsoft Teams under Available Channels. Agree to the Terms of Service. Select the appropriate Messaging setting (probably Microsoft Teams Commercial), then click Apply, then Close.
8. Navigate to App registrations and select the newly created bot.
9. Make a note of the Application (client) ID, as this will be used as the Bot app ID in the Totara integration settings later in the process.
10. On the Manage > Certificates & Secrets page, delete any existing secret, then click New client secret.
11. Give it a Name, choose the Expiration period and Save.
12. Make a note of the Client Secret for Bot value, as this will be required later in the process.

Step 4: Prepare the Microsoft Teams extension in the Totara admin settings

...