Microsoft Teams configuration

This page describes how to set up authentication and permissions before creating the Microsoft Teams data store.

Set up authentication and permissions

You must set up authentication and permissions in Microsoft 365. This is crucial to allow the connector to access data. The MS Teams connector supports various authentication methods, such as OAuth client credentials or API tokens.

Entra app registration for Microsoft Teams connector

You must set up a Microsoft Entra application registration to enable secure access to Microsoft Teams before you can create the Gemini Enterprise connector.

To register Gemini Enterprise as an OAuth 2.0 application in Microsoft Entra, do the following:

1. Navigate to Microsoft Entra admin center.
2. In the menu, expand the Entra ID section and select App registrations.
3. On the App registrations page, select add New registration.
4. On the Register an application page, create an app registration by doing the following:
   1. In the Name section, enter a display name for the application.

      

   2. In the Supported account types section, select Accounts in the organizational directory only. This option restricts access to users within your organization's Microsoft Entra tenant, which is appropriate for an enterprise application.
   3. In the Redirect URI section, select Web and enter the following URLs as web callback URLs (or redirect URLs):
      • https://vertexaisearch.cloud.google.com/oauth-redirect
   4. Click Register. Microsoft Entra creates your app and displays it on the All applications page.

Create an OAuth 2.0 configuration

To create a connection using the OAuth 2.0 authentication method, you need to obtain a client ID, client secret, and tenant ID from your Microsoft Entra application registration page.

Obtain client ID and client secret

To obtain the client ID and secret for the app, do the following:

1. Navigate to Microsoft Entra admin center.
2. In the menu, expand the Entra ID section and select App registrations.
3. On the App registrations page, select All applications.
4. Open the application you created.
5. On the app page, select Certificates & secrets.
6. Click add New client secret.
7. In the Add a client secret dialog:
   1. Enter a description for the secret.

      

   2. Select an expiry duration. We recommend selecting the default value.
   3. Click Add.
8. Copy the secret from the Value column (Client Secret) and the identifier from the Secret ID column (Client ID), and store them securely for later use.

Obtain tenant ID

Your tenant ID can be found in the Tenant ID box on the overview page in the Microsoft Entra admin center.

Microsoft Graph minimum permissions

To configure the required API permissions for the app, do the following:

1. Navigate to Microsoft Entra admin center.
2. In the menu, expand the Entra ID section and select App registrations.
3. On the App registrations page, select All applications.
4. Open the application you created.
5. On the app page, select API permissions.
6. Click Add a permission.

7. In the Request API permissions page, select Microsoft Graph, and select Delegated permissions.

8. Search for and select the following scopes for search:

   Scope	Description
   Team.Read.All	Allows the connector to read Teams information.
   Channel.Read.All	Allows the connector to read channel information.
   ChannelMessage.Read.All	Allows the connector to read messages in channels and chats.
   ChannelFile.Read.All	Allows the connector to read files within channels.
   ChatMessage.Read.All	Allows the connector to read chat messages.
   Schedule.Read.All	Allows the connector to read schedules.

   

9. Click Add Permissions.