Monday, December 16, 2019

Ignite 2019 - BRK3226 - Every team, connected: Develop Microsoft Teams apps with Microsoft Graph

Presented by: Bill Bliss

Session summary:

The Microsoft Teams Graph APIs have grown considerably over the past year with many new APIs and types for Teams.  With team channel chat APIs, integrate Teams conversation experiences into your apps. Find out how to provision focused Teams experiences to every team in your organization, including managing the set of apps deployed to Teams.  Connect to the backing information behind every team, including files, plans, notes, and more.  This session shows how you can tightly connect to every facet of a team, and with several updates, see new ways for managing Teams applications that make it easier to distribute your apps and get them used.

My notes:

What should you use Graph API for?
  • Team and Teams user lifecycle automation
  • Analytics, compliance, announcements and flow integration
  • In Teams apps

Automating the Teams lifecycle

(If you would like to see this live in action, check out Vesa Nopanens great session from the European Teams User Group Virtual Summit - Making Teams the Hub for Work: The Graph API in Practice)

Analytics, compliance, announcements and flow integration

The questions: Which are the active teams and channels, what is the message volume, who are the active users? can be answered with Graph API.

Coming features
  • Sending chat messages with embedded images
  • Notification/webhook for all chats for a single user
  • Add/remove members to 1:1 and group chats

Webhooks in Graph API - register for notifications (per-channel) and get metadata about the event. The Subscription authorization must be periodically refreshed since it expires every 60 minutes, more info here: Change notifications for Teams messages, including message properties (preview)

If you are building a Teams App that uses Graph API, you would need Admin consent when customer deploys your App. This is addressed with Resource Specific Consent. Apps asks and gets permission only to resources in specific O365 Groups, not the entire tenant. Resource-Specific Consent (RSC) is a new consent model which can serve as the bridge between Graph API and Microsoft Teams apps. An app should only be allowed to work in one Team not in all.

The Group.ReadWrite.All permission is to wide - RSC can narrow the scope.

Only Teams owners can add consent to use Team data in this model, Admins can decide to allow this capability in the first place, and team owners can consent. The setting in the Azure Portal is called "Users can consent to apps accessing company data for the groups they own", where "Group" is the same as "Team".

No comments:

Post a Comment