Microsoft supports getting call records from the Microsoft Teams Platform using Microsoft Graph. You can find an overview of MS Graph here as well as an overview of the specific API and granular permissions we use here
The setup consists of five high level steps that you need to do to provision and grant access in the Microsoft Azure administration portal. The document below details each step with screenshots.
At a high level the steps are:
Create an Application Registration in Azure
Grant permission for the application to access Call Records from Microsoft Teams
Grant permission for the application to access the Users (the target users that will use Laurel) in your Microsoft Tenant
Confirm both permissions (CallRecords.Read.All & User.Read.All)
Send Time by Ping required information to access the application you registered in step 1
Set up instructions
Create an Application Registration in Azure
1. Go to https://portal.azure.com and log in if not already logged in.
2. Click the App registrations icon under Azure services
3. Click the New registration button
4. Name your application LaurelAssistant-MSTeams
and click Register
Keep this information handy as you will need to send it to the Laurel team at the end of your configuration.
5. Click the Certificates & secrets tab on the left navigation bar
6. Click the New client secret button and create a secret with the following:
Description:
laurel-secret-1
Expires:
24 months
Keep this information handy as you will need to send it to the Laurel team at the end of your configuration.
7. Then click the Add button
8. Copy the value of the secret and secure it in a safe location, you will not be able to access it again. Keep track of the expiration date, you will have to create a new secret and send it to Laurel before the expiration date to keep the integration working.
Keep this information handy as you will need to send it to the Laurel team at the end of your configuration.
9. Click the Overview tab on the left navigation bar and store the Application (client) ID and Directory (tenant) ID in a secure location.
Great work โ now we will need to setup access to Call Records from MS Teams
In Azure AD grant permissions for the application to access Call Records from Microsoft Teams
1. Click the API permissions tab on the left navigation bar
2. Click the Add a permission button and then click the section for Microsoft Graph
3. Click Application permissions
4. Filter by CallRecords and select the CallRecords.Read.All
permission, then click the Add permissions button
5. Check the Status column to see if the permission has been granted. If you are not the administrator of the Azure account you will have to get the administrator to grant the permission.
The following screenshot shows when a permission has not yet been granted:
If you are an administrator, you can press the Grant admin consent for <name> button
The following screenshot shows when a permission has been granted by the administrator:
In Azure AD grant permission for the application to access the Users in your Microsoft Tenant
1. Now that you have an application setup, additional permissions need to be added โ User.Read.All
.
Note: These permissions are only applied to the users who are given access to the application. We recommend using a user group for users that would have access to Laurel.
Instructions for User Group creation and assignment can be found here:
2. Confirm permissions are setup in https://portal.azure.com
3. Click the App registrations icon under Azure services
4. Click the application you made
5. Click the API permissions tab on the left navigation bar
6. Ensure your permissions look like this (ignore the permissions without a red box, itโs ok if other permissions are there) โ confirm:
CallRecords.Read.All
as type Application
is granted.
User.Read.All
as type Application
is granted.
Your permissions should look like this
Please see: https://help.laurel.ai/en/articles/7101614-microsoft-permissions for a complete list of permissions.
Send Laurel required information to access the application
1. Coordinate with Laurel onboarding team to securely send the following information:
Application (client) ID
Directory (tenant) ID
Application Secret Value
Expiration date of the Secret