MS Teams Connector
With our Microsoft Teams connector, Starmind can analyse sent messages to learn about users' expertise.
The connector learns exclusively from public teams and shared channels, ensuring user privacy. It operates through a technical user account you create, which must be a member of the relevant teams and channels to function. Additionally, the connector disregards private teams, private channels, and one-on-one conversations.
Learn more about public and private teams in Microsoft Teams
Learn more about teams and channels in Microsoft Teams
Connecting Starmind & MS Teams
Requirements
The connector requires a valid Azure Subscription and org-wide installed Microsoft Teams.
Permissions
We use OAuth with a technical user using Delegated access (access on behalf of a user) permissions.
We require the following privileges:
| Permission | Description |
|---|---|
| offline_acces | Allows the app to read and update user data, even when they are not currently using the app. |
| Group.Read.All | Allows the app to list groups and to read their properties and all group memberships on behalf of the technical user. It also allows the app to read calendars, conversations, files, and other group content for all groups the technical user can access. |
| Directory.Read.All | Allows the app to read data in your organization's directory, such as users, groups, and apps. Note: Users may consent to applications that require this permission if the application is registered in their own organization’s tenant. |
| User.Read.All | Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user. |
| ChannelMessage.Read.All | Allows the app to read all channel messages in Microsoft Teams, without a signed-in user. |
Source: https://docs.microsoft.com/en-us/graph/permissions-reference
Oauth consent screen
You will be asked to consent to the requested permissions when you connect the data source and log in with your technical user. In the background, we use Oauth authorization code flow to maintain access to the API. You can always revoke this access later if you wish to do so.
Additional access controls
In addition to the privileges, the API restricts access to groups where the configured technical user is a member (enforced by the MS Teams API). This gives the customer more control over limiting access to the groups relevant to the connector.
Updated about 1 month ago