Quick BI:Configure a Teams application

Limits

Your Teams account must have developer permissions in the Teams Developer Portal.

Procedure

Configure the Teams application to obtain the tenant ID, application ID, and client credential.

• Step 1. Configure the application in Microsoft Entra ID

• Step 2. Configure the application in the Teams Developer Portal

• Step 3. Publish the application in the Teams admin center

• Step 4. Configure office application integration and logon settings in Quick BI

Step 1. Configure the application in Microsoft Entra ID

1. In a web browser, open the Azure portal.

2. Click the app registrations icon.

   

   

3. Register a new application.

   The Register an application page appears.

   Inputs	Description	Instructions
   Display Name	The name of the application.	Required.
   Supported account types	The supported account types.	Required. Select the first option. This allows only accounts in the current organization to use the application.
   Redirect URI (optional)	The logon redirection URL.	Required. Format: https://{host}/login/teams/callback. Note: Only the HTTPS protocol is supported. The HTTP protocol is not supported. Replace {host} with the actual Quick BI domain name.

   Note

   You do not need to enter a Redirect URI to enable single sign-on (SSO) for a tab application.

4. Click Register. A message appears in the browser indicating that the application has been created.A page appears that displays the application ID and other configurations.

5. Generate a client secret.Record the following application configuration information. You will need this information later.

   • Directory (tenant) ID

   • Application (client) ID

   • Client credentials

   

6. Configure the scope of the access token (Expose an API).

   1. In the navigation pane on the left, choose Manage > Expose an API. The Expose an API page appears.

      You must configure the following three items:

      1. Application ID URI

      2. Scopes defined by this API

      3. Authorized client applications

      

   2. Configure the Application ID URI.

      1. Click Add. The section for setting the application ID URI appears.

      2. The Application ID URI is prefilled with the application ID (GUID) in the format api://{AppID}.

      3. The Application ID URI must be in the following format: api://{Quick BI service domain name, which is the domain name in the tab application}/{AppID: The application ID that was generated when you registered the application}. Example: api://quickbi-demo-2.aliyun.com/beef226-****-****-****baed49e5

      4. Click Save. A message appears in the browser indicating that the Application ID URI has been updated. The Application ID URI is displayed on the page.

      5. Record the Application ID URI. You will need this information later to update the application manifest in the Teams Developer Portal.

   3. Configure the API scope (Scopes defined by this API).

      1. Enter a scope name. This field is required.

      2. Select who can consent to this scope. The default option is Admins only.

      3. Enter an Admin consent display name. This field is required.

      4. Enter an Admin consent description. This field is required.

      5. Enter a User consent display name.

      6. Enter a User consent description.

      7. For Status, select Enabled.

      8. Click Add scope.

      A message appears in the browser indicating that the scope has been added.The new scope that you defined is displayed on the page.

   4. Configure authorized client applications.

      On the Expose an API page, in the Authorized client applications section, click + Add a client application.The Add a client application page appears.

      Enter the appropriate Microsoft 365 client ID for the application that you want to authorize for your web application.

      For more information, see this Microsoft document.

      Set ClientID to the following fixed value:

      For Teams desktop and mobile: 1fec8e78-bce4-4aaf-ab1b-5451cc387264

      In the Authorized scopes section, select the scope that you created for your application to add it to your exposed web API.

      Click Add application.

      A message appears in the browser indicating that the authorized client application has been added.The client ID of the authorized application is displayed on the page.

7. Configure the token access version (Manifest).

   Note

   If you selected Accounts in any organizational directory (any Microsoft Entra directory - Multitenant) and personal Microsoft accounts (such as Skype or Xbox) during application registration, update the value of the accessTokenAcceptedVersion property to 2.

8. Configure API permissions.

   As needed, select the delegated API permissions and grant admin consent.(Optional) If the parsed access token does not contain the expected field values, you can add them in the token configuration.The required API permissions for the application are as follows:

   API/Permission name	Required	Purpose
   email	Yes	Logon authentication
   openid	Yes
   profile	Yes
   User.Read	Yes
   Organization.Read.All	Yes	Address book synchronization. Obtains Teams and Teams members.
   User.Read.All	Yes
   Team.ReadBasic.All	Yes
   TeamMember.Read.All	Yes

Step 2. Configure the application in the Teams Developer Portal

1. In the Azure portal, select the new application to view its application ID.

   

2. Obtain the Teams application client ID (also known as ClientID or Application ID).

Step 3. Publish the application in the Teams admin center

1. Create a new app.

   1. Log on to the Teams Developer Portal: https://dev.teams.microsoft.com/home

   2. Basic information: Enter the basic information for the application.

      Input type	Field	Required	Description	Image
      App names	Short name - 30 characters or less	Yes	The name of the application.
      	Full name - up to 100 characters (optional)	Yes
      App ID		No	Not used at the moment.
      Descriptions	Short description Long description	Yes	A description of the application.
      Developer information	Developer or company name	Required	The name of the developer company that owns the application.
      	Website (must be a valid HTTPS URL)	Required	The URL of the developer company's website.
      App URLs	Privacy policy	Required	The URL of the application's privacy policy.
      	Terms of use	Required	The URL of the application's terms of use.
      Application (client) ID*	ApplicationID	Required	The ApplicationID (ClientID) of the application registered in Microsoft Entra ID.

   3. Branding: Enter branding information, including the application icon.

   4. App features: You must configure the Personal app and Group and channel app features.

      1. Set up a personal tab.

         The format for the content URL and website URL is https://{your-host}/home. Replace {your-host} with the specific domain name.

         1. scope: Select personal.

         2. context: Select personalTab.

         3. Set up single sign-on: Configure single sign-on within Teams.

            In the Application ID URI field, enter the logon URL. The format is api://{your-host}/{application ID}.

   5. Set up App content:

      Select the Full-screen mode checkbox. This allows the application to be displayed in full-screen mode in the Teams client.

   6. App validation: Validate the application. After the application passes validation, you can publish it.

   7. Publish to org: Publish the application to your organization. After the application is approved, it becomes visible in the Teams Store for your organization.

2. Review the application.

   Log on to the Microsoft Teams admin center.

   In the Manage apps section, search for the published Teams application. The application status is shown as Blocked.Click the application to view its details. Click Publish and confirm the publication to your organization.

   Note

   • Users and groups: Set the visibility scope of the application.

   • Permissions: View the permission information of the application.

   

3. Add the application in the Teams client.

   In Teams, click Apps, and then select Built for your org. The published application is displayed.

   Note

   • Delay: There may be a delay in publishing Teams applications. The application may not appear in the Teams client immediately after you publish it. You may need to wait for about an hour.

   • Cache: If the published application is not visible in the Teams client, log out and log on again to refresh the Teams client cache.

   

Step 4. Configure office application integration and logon settings in Quick BI

Obtain the tenant ID, application ID, and client credential of your new application in the Azure portal. You will need this information for the procedures described in Enable the Teams Micro-application.

1. Log on to the Azure portal.

2. Select the new application to view its details.

3. Obtain the following information:

   • Tenant ID (Directory (tenant) ID)

     

   • Application ID (Application (client) ID)

     

   • Client credential (Client credentials)