Authenticate Microsoft Teams with Microsoft Azure

  • Versão de lançamento: Australia
  • Atualizado 12 de mar. de 2026
  • 2 min. de leitura

    • Set up authentication with Microsoft Azure to connect Microsoft Teams with Workplace Reservation Management application.

    Antes de Iniciar

    Role required: Azure Active Directory administrator

    Por Que e Quando Desempenhar Esta Tarefa

    In order for Workplace Reservation Management to be able to generate Microsoft Teams meeting link and get the recordings, via Microsoft Graph API, permissions must be added.

    Procedimento

    1. Log in to the Microsoft Azure portal.
    2. Navigate to Azure Services > Azure Active Directory > Manage > App registrations.
    3. Opcional: If you do not have an app registration, click New registration.
      1. On the form, enter the Name of the registration.
      2. Select the Supported account types of your choice.
      3. Opcional: Specify the Redirect URL.
        Specify the following details:
        1. Select the platform as Web.
        2. Enter the URL in the following format: https://<instance-Name>.service-now.com/oauth_redirect.do
    4. If you already have an app registration, select the app registration.
      1. Navigate to Manage > Authentication.
      2. Navigate to Add a platform > Web applications > Web.
      3. On the Configure Web form, fill the fields.
        Tabela 1. Configure web form
        Field Description
        Redirect URL Enter a URL in the format: https://[instance].service-now.com/oauth_redirect.do
        Implicit grant Check Access tokens, and ID tokens
      4. Click Configure.
    5. Add a client secret.
      1. Navigate to Manage > Certificates and secrets.
      2. Click New client secret
      3. In the Description field, enter a short description about the secret.
      4. Under Expires, select an expiry.
      5. Click Add.
      6. After adding, in the Client secrets section, copy the value by clicking Copy to clipboard.
    6. Add a permission.
      1. Navigate to Manage > API permissions.
      2. Click Add a permission.
      3. Select Microsoft Graph.
      4. Select Application permissions.
        Tabela 2. Application permissions
        Permission name Description Required to
        User.Read.All Read all users profiles Create virtual meeting link
        OnlineMeetings.ReadWrite.All Read and create online meetings Create virtual meeting link
        Directory.Read.All Read directory data Create virtual meeting link
        Chat.Read.All Read all chat messages
        Nota:

        This is optional and is required only to retrieve meeting recordings.

        		 Retrieve meeting recording
      5. Select Chat.Read.All, Directory.Read.All, OnlineMeetings.ReadWrite.All and User.Read.All.
        Nota:
        Select Chat.Read.All to retrieve the meeting recordings.
      6. Click Add permissions.
      7. On the Configured permissions screen, click Grant admin consent for ServiceNow.
      8. Click Yes.
        A confirmation message is displayed that admin consent is granted for the requested permissions.
    7. Configure application access policy and allow applications to access online meetings.
      1. Open the Windows' PowerShell as an administrator to run scripts.
      2. Identify the app's application (client) ID and the user IDs of the users on whose behalf the app is authorized to access online meetings.
      3. Connect to Skype for Business PowerShell with an administrator account.
      4. Create an application access policy containing a list of app IDs.
        Run the following cmdlet, replacing the Identity, AppIds, and Description (optional) arguments.
        New-CsApplicationAccessPolicy -Identity Test-policy -AppIds "ddb80e06-92f3-4978-bc22-a0eee85e6a9e", "ccb80e06-92f3-4978-bc22-a0eee85e6a9e", "bbb80e06-92f3-4978-bc22-a0eee85e6a9e" -Description "description here"
      5. Grant the policy to the user to allow the app IDs contained in the policy to access online meetings on behalf of the granted user.
        Run the following cmdlet, replacing the PolicyName and Identity arguments.
        Grant-CsApplicationAccessPolicy -PolicyName Test-policy -Identity "748d2cbb-\
3b55-40ed-8c34-2eae5932b22a"
      6. Opcional: Grant the policy to the whole tenant (Applies to users who don’t have an application access policy assigned).
        Run the following cmdlet, replacing the PolicyName argument.
        Grant-CsApplicationAccessPolicy -PolicyName Test-policy -Global
      Nota:
      All employees who can create or update reservations must be included in the application access policy.

    Resultado

    The Microsoft Teams is set up with Microsoft Azure.

    Nota:
    For more information about allowing applications to access online meetings, see Microsoft documentation.