Microsoft Teams
The Teams Integration can be used for accessing your map, timeline or calendars as tabs in your Teams application - both online and desktop versions - and also as a Single Sign-on source for the YAROOMS platform.
In order to use YAROOMS as a tab under your Microsoft Teams account, settings and configuration must be applied both in Azure Portal and YAROOMS. Until this is done properly, a message containing "Inactive Teams Integration" will be displayed in the Teams tab.
YAROOMS tab for Microsoft Teams requires a valid subscription to YAROOMS, according to currently available plans. If the YAROOMS-Teams integration process is performed during the trial period and no subscription is chosen, the integration will be disabled.
The tech steps below must be performed by a user with Admin privileges in Azure Portal and by a YAROOMS Administrator.
In Azure Portal go to Azure Active Directory -> App Registrations and create a new Application with Account Type Multitenant. After saving, store the Application (client) ID and Directory (tenant) ID for later use.
In the new App’s edit screen, go to API Permissions and click Microsoft Graph. The minimal permissions needed are:
For Delegated Permissions:
None
For Application Permissions:
Directory.Read.All
User.Read.All
After setting up these values, go back to API Permissions screen and click Grant admin consent for [Your organization's name]. This will allow the chosen settings to be propagated to all accounts registered under your Microsoft organization and allow all users to activate the Teams tab and login to YAROOMS.
Back on the App’s edit screen, go to Certificates and Secrets and create a New Client Secret. Store the string displayed in the Value column for later use.
The value of the newly generated Secret will be available in the clear only during the session during which it was created. In future sessions it will be permanently obfuscated and unusable.
In the App’s edit screen, go to Authentication and edit the Redirect URI:
Type: Web
Redirect URI: https://[domain].yarooms.com/account/login . The domain value is the unique URL used by your company.
Under Advanced Settings, at Implicit Grant:
Check both boxes (Access tokens and ID Tokens)
In YAROOMS Webapp, navigate to Manage -> Integrations -> Teams.
Go to Teams and install the App package. When prompted for the URL, depending on the YAROOMS module your company is using, type one of the following:
Spaces:
https://[domain].yarooms.com/spaces/map
https://[domain].yarooms.com/spaces/timeline
Rooms
https://[domain].yarooms.com/schedule/daily
https://[domain].yarooms.com/schedule/weekly
https://[domain].yarooms.com/schedule/monthly
A Teams tab can only display a single view, so, if a user needs to access more than one view at once, they can simply create another tab with a different URL.
When activated, a new login option will be available in your tenant's login page, allowing users to login to YAROOMS with their Teams identity, without having to enter their email and password.
This does not require additional setup and configuration beyond the steps presented above.
When activated this will allow users who don't have an account in YAROOMS to have it automatically created with the user details obtained from their Azure AD identity (email, first and last name) and with the Location and Group mapped to the configuration of choice.
When deactivated, only users who already have an account in YAROOMS will be able to login with their Teams identity, by matching their email address from YAROMS with the one they have in Azure AD.
The Static option will create all new users in a single Location and Group.
We don't recommend using the pre-defined Administrator or Supervisor groups for mapping, as all new users will have extended permissions within your tenant.
The Dynamic option will create new users by matching the values from a Directory field to the names of the locations / groups in YAROOMS. The Directory field is either a pre-defined or a custom user attribute in Azure AD. This will not be passed as a claim through the relay app built for this integration, but rather accessed separately via Microsoft Graph by using the settings and permissions defined above. The name of the Directory field is case insensitive.
The Auto mapping type will match the value retrieved from the Directory field to the name of a Location/Group in YAROOMS - if an entity with that name does not exist then the user account will not be created.
The Manual mapping type will allow pairing names of Locations / Groups to values that are supposed to be passed in the Directory field. If the retrieved value is not paired to an existing entity in YAROOMS then the user account will not be created.
The values passed in the Directory field are case sensitive.
