Microsoft Teams
Integrate Microsoft Teams with AINexLayer
Microsoft Teams OAuth Connection Guide
This guide explains how to set up a Microsoft Teams OAuth integration for AINexLayer using Azure App Registration.
Microsoft Teams and Microsoft OneDrive share the same Azure App Registration. If you have already created an app for OneDrive, you can reuse the same Client ID and Client Secret. Just make sure both redirect URIs are added (see Step 3).
Step 1: Accessing Azure App Registrations
- Navigate to portal.azure.com
- In the search bar, type "app reg"
- Select "App registrations" from the Services results
Step 2: Creating a New Registration
- On the App registrations page, click "+ New registration"
Step 3: Registering the Application
Complete the application details:
| Field | Value |
|---|---|
| Name | AINexLayer |
| Supported account types | Select "Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts" |
| Redirect URI | Platform: Web, URI: http://localhost:8000/api/v1/auth/teams/connector/callback |
Click "Register"
After registration, add the OneDrive redirect URI as well:
- Go to Authentication in the left sidebar
- Under Platform configurations > Web > Redirect URIs, click Add URI
- Add:
http://localhost:8000/api/v1/auth/onedrive/connector/callback - Click Save
Step 4: Obtaining Application (Client) ID
After registration, you will be taken to the app's Overview page. Here you will find:
- Copy the Application (client) ID - this is your Client ID
- Note the Directory (tenant) ID if needed
Step 5: Creating a Client Secret
- In the left sidebar under Manage, click "Certificates & secrets"
- Select the "Client secrets" tab
- Click "+ New client secret"
- Enter a description (e.g.,
AINexLayer) and select an expiration period - Click "Add"
- Important: Copy the secret Value immediately. It will not be shown again!
Never share your client secret publicly or include it in code repositories.
Step 6: Configuring API Permissions
- In the left sidebar under Manage, click "API permissions"
- Click "+ Add a permission"
- Select "Microsoft Graph"
- Select "Delegated permissions"
- Add the following permissions:
| Permission | Type | Description | Admin Consent |
|---|---|---|---|
Channel.ReadBasic.All | Delegated | Read the names and descriptions of channels | No |
ChannelMessage.Read.All | Delegated | Read user channel messages | Yes |
offline_access | Delegated | Maintain access to data you have given it access to | No |
Team.ReadBasic.All | Delegated | Read the names and descriptions of teams | No |
User.Read | Delegated | Sign in and read user profile | No |
- Click "Add permissions"
The ChannelMessage.Read.All permission requires admin consent. An admin will need to click "Grant admin consent for [Directory]" for full functionality.
Deploying AINexLayer with Microsoft Teams Connector
Add the Microsoft OAuth credentials to your .env file (created during Docker installation):
MICROSOFT_CLIENT_ID=your_microsoft_client_id
MICROSOFT_CLIENT_SECRET=your_microsoft_client_secret
TEAMS_REDIRECT_URI=http://localhost:8000/api/v1/auth/teams/connector/callbackThe MICROSOFT_CLIENT_ID and MICROSOFT_CLIENT_SECRET are shared between the Teams and OneDrive connectors. You only need to set them once.
Then restart the services:
docker compose up -d