Versions Compared

Old Version 11

changes.mady.by.user Steinar Line

Saved on

compared with

New Version 12

changes.mady.by.user Steinar Line

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleSteps to prepare Confluence

  1. Follow this guide to disable the built-in anti clickjacking protection in Confluence: https://confluence.atlassian.com/confkb/confluence-page-does-not-display-in-an-iframe-827335781.html

2. Turn on Content Security Policy switch to give similar protection, but allowing for Confluence to be loaded in Microsoft Teams.

Info

The Content Security Policy switch is only available for Confluence. For other products this is included in the Enable Microsoft Teams SSO login switch.

...

Expand
titlePrepare App registration, Client ID and Client Secret

  1. Log into https://portal.azure.com with an administrator account. Search in top bar for App registrations and navigate to this page. During these next steps you shold create and copy the values Client ID, Client Secret and API url to use in later sections.

2.

  • If you have an existing Azure AD OIDC client application set up in Kantega SSO you may use this. See where to find Client IDs in the below screenshot:

Image Modified

You may search for the Client ID in the search bar of Azure AD. Open your existing client appliction and skip to point 6.

  • If you do not have an existing OIDC client application continue to step 3.

3. Press New registration, set a name for your new client application and press Register. You do not have to fill any of the other fields on this page.

4. Copy Client ID to use in later steps.


5. Click left menu to

Certificates & secrets and click New client secret. Type a suitable description, set appropriate expiry, and click Add. Copy the Secret Value of the new secret for later steps, and not the Secret ID.

...

Expand
titleExpose API and give Microsoft Teams access

9. Click Expose and API in left menu. Click Application ID URI Set button on top. The App ID URI should be set to this address:

api://<your-atlassian-server-name-without-portnumber>-<Client ID value-from-step-4>

Please note the “-” between the two values above. Copy the api address for later use and press Save.


10. Press Add a scope and insert the following scope values in the panel that appears:

  • , enter access_as_user as the Scope name.

  • Set Who can consent? to Admins and users.

  • To configure the admin and user consent prompts with appropriate values for access_as_user scope, provide the following information in the fields:

    • Enter Teams can access the user’s profile as Admin consent display name.

    • Enter Allows Teams to call the app’s web APIs as the current user as Admin consent description.

    • Enter Teams can access the user profile and make requests on the user’s behalf as User consent display name.

    • Enter Enable Teams to call this app’s APIs with the same rights as the user as User consent description.

    • Ensure that State is set to Enabled.

11. Add Microsoft Teams client application IDs by pressing Add a client application and using the below values:
1fec8e78-bce4-4aaf-ab1b-5451cc387264 (Teams mobile or desktop application)

5e3ce6c0-2b1f-4285-8d4b-75ee78787346 (Teams web application)

Make sure to select Authorized scopes before you press Add application for the two values:

Afterwards this section should look like this:

12. Last Then go to the Manifest left menu page, set value "accessTokenAcceptedVersion": 2,and press Save.

...

Expand
titleCreate Teams app with basic setup

  1. Inside Microsoft Teams with an admin user or ordinary user press the ... in the left menu, and find Developer Portal.

2. Go to Apps in Developer Portal and press either Create your first app or New app button, give a name your app and press Add.

3. On the Basic information page you may give suitable values for your App. All the below values must be set to allow the appliation to be published later:

Developer or company name

Website

Privacy policy

Terms of use
In the Application (client) ID insert the Client ID value from the Azure AD section above in this guide. Press Save.

Expand
titleSet up app tabs, single sign-on and publish app

4.

  • In the left menu click App features and select Personal app.
    Click Create your first personal app tab if you want the app to be available in the left menu in Teams.

    Image Modified

Image Modified

  • It is also possible to create a Group and channel app if you would like to have your uses add the app in Teams groups or channels. To set up press App features in left menu and select Group and channel app. As Configuration URL insert depending on your product:
    Confluence: https://<your-confluence-server>/login.action?teamsUnderConfiguration
    Jira: https://<your-jira-server>/login.jsp?teamsUnderConfiguration
    Bamboo: https://<your-bitbucket-server>/userlogin!doDefault.action?teamsUnderConfiguration
    Bitbucket: https://<your-bitbucket-server>/login?teamsUnderConfiguration

...

  • Image Added


5. Click the Single sign-on left menu and insert the API URL from the Azure AD section above in this guide and press Save.

Image Modified

6. The app should now be ready and you should click left menu

Publish to org. If you get problems publishing, verify that all mandatory fields in the Basic information section is set.

Image Modified

Expand
titlePublish to organization and add app to teams

7. Now you must use an Teams Administrator account to approve the app. Please navigate to Teams Administation

Manage Apps section: https://admin.teams.microsoft.com/policies/manage-apps. Search for the name you chose for your published Teams app.

Image Modified

8. Click the new app in the list and click

Publish and Publish to confirm.

Image Modified

9. Your new app should in a short while be searchable from Teams.

10. Your users may now search to find the app in Teams and add it either to the left menu in Teams or as a tab in a Teams group or chat window.

If you have problems adding as a group app because the Save button is inactive it may help to log out from the Atlassian product in the window, press Back-button to the App list and re-select the app. This is because when loading group app the login page must be showing to allow communication between Teams and the Atlassian products.

Image Modified

I. Turn on Teams SSO login in Kantega SSO

...