Skip to main content
Microsoft Teams Configuration for Laurel

Integrating Laurel's tracking for MS Teams within your environment.

Nick Bazley avatar
Written by Nick Bazley
Updated over a year ago

Microsoft supports getting call records from the Microsoft Teams Platform using Microsoft Graph. You can find an overview of MS Graph here as well as an overview of the specific API and granular permissions we use here

The setup consists of five high level steps that you need to do to provision and grant access in the Microsoft Azure administration portal. The document below details each step with screenshots.

At a high level the steps are:

  1. Create an Application Registration in Azure

  2. Grant permission for the application to access Call Records from Microsoft Teams

  3. Grant permission for the application to access the Users (the target users that will use Laurel) in your Microsoft Tenant

  4. Confirm both permissions (CallRecords.Read.All & User.Read.All)

  5. Send Time by Ping required information to access the application you registered in step 1

Set up instructions

Create an Application Registration in Azure

1. Go to https://portal.azure.com and log in if not already logged in.

2. Click the App registrations icon under Azure services

3. Click the New registration button

4. Name your application LaurelAssistant-MSTeams and click Register

Keep this information handy as you will need to send it to the Laurel team at the end of your configuration.

5. Click the Certificates & secrets tab on the left navigation bar

6. Click the New client secret button and create a secret with the following:

  • Description: laurel-secret-1

  • Expires: 24 months

Keep this information handy as you will need to send it to the Laurel team at the end of your configuration.

7. Then click the Add button

8. Copy the value of the secret and secure it in a safe location, you will not be able to access it again. Keep track of the expiration date, you will have to create a new secret and send it to Laurel before the expiration date to keep the integration working.

Keep this information handy as you will need to send it to the Laurel team at the end of your configuration.

9. Click the Overview tab on the left navigation bar and store the Application (client) ID and Directory (tenant) ID in a secure location.


Great work โ€” now we will need to setup access to Call Records from MS Teams

In Azure AD grant permissions for the application to access Call Records from Microsoft Teams

1. Click the API permissions tab on the left navigation bar

2. Click the Add a permission button and then click the section for Microsoft Graph

3. Click Application permissions

4. Filter by CallRecords and select the CallRecords.Read.All permission, then click the Add permissions button

5. Check the Status column to see if the permission has been granted. If you are not the administrator of the Azure account you will have to get the administrator to grant the permission.

The following screenshot shows when a permission has not yet been granted:

If you are an administrator, you can press the Grant admin consent for <name> button

The following screenshot shows when a permission has been granted by the administrator:


In Azure AD grant permission for the application to access the Users in your Microsoft Tenant

1. Now that you have an application setup, additional permissions need to be added โ€” User.Read.All.

Note: These permissions are only applied to the users who are given access to the application. We recommend using a user group for users that would have access to Laurel.

Instructions for User Group creation and assignment can be found here:

2. Confirm permissions are setup in https://portal.azure.com

3. Click the App registrations icon under Azure services

4. Click the application you made

5. Click the API permissions tab on the left navigation bar

6. Ensure your permissions look like this (ignore the permissions without a red box, itโ€™s ok if other permissions are there) โ€” confirm:

CallRecords.Read.All as type Application is granted.

User.Read.All as type Application is granted.

Your permissions should look like this

Please see: https://help.laurel.ai/en/articles/7101614-microsoft-permissions for a complete list of permissions.


Send Laurel required information to access the application

1. Coordinate with Laurel onboarding team to securely send the following information:

  • Application (client) ID

  • Directory (tenant) ID

  • Application Secret Value

  • Expiration date of the Secret

Did this answer your question?