====== Microsoft Teams Graph API Connector ======

This connector is developed for managing Microsoft Teams membership via [[https://developer.microsoft.com/en-us/graph|MS Graph API]] You can follow this project on [[https://github.com/bcvsolutions/ms-teams-module/tree/main| GitHub]]

This connector is using Microsoft Teams Graph API for communication. For more information about the API capabilities see [[https://docs.microsoft.com/en-us/graph/overview?view=graph-rest-1.0|https://docs.microsoft.com/en-us/graph/overview?view=graph-rest-1.0]]

**Supported operations for USER**

  * GET detail of user
  * GET all users

**Supported operations for TEAMS**

  * GET all teams
  * ASSIGN new team to user
  * REMOVE team from user

Assigning/removing to teams is done via UUID + role name.

**Permissions**  

Most permission are assigned to the Application(See Configuration section below for more info about App). Because application cannot add guest to team there has to be user that can. For complete info about permissions check official API documentation, where each endpoind has section with required permissions.

  * Managing basic users attributes and CRUD - User.ReadWrite.All
  * Manage Team membership - TeamMember.ReadWrite.All

**Configuration**

If you change some configuration you need to perform Test operation so the new config will load into connector and new grapClient instance is created.
  * ItemClient ID - UUID of application which you need to create in Azure portal. See [[https://docs.microsoft.com/en-us/graph/auth-register-app-v2?view=graph-rest-1.0|https://docs.microsoft.com/en-us/graph/auth-register-app-v2?view=graph-rest-1.0]] Created app need these permission Directory.ReadWrite.All and User.ReadWrite.All
  * Scopes - Use this value: [[https://graph.microsoft.com/.default|https://graph.microsoft.com/.default]]  
  * Client secret - On app detail in Azure portal, tab "Certificates & secrets" create new secret.

If you want secret with longer expiration then 2 years use this powershell.
<code>

$startDate = Get-Date
$endDate = $startDate.AddYears(10)
$Credential = Get-Credential
Connect-AzureAD -Credential $Credential
$aadAppsecret01 = New-AzureADApplicationPasswordCredential -ObjectId "Object ID na overwiew apliakce" -CustomKeyIdentifier "idm-key" -StartDate $startDate -EndDate $endDate
Write-Host $aadAppsecret01

</code>

You will see something like this in console. Use the value from field "Value:"

<code>
class PasswordCredential {
  CustomKeyIdentifier: System.Byte[]
  EndDate: 06.05.2031 7:38:47
  KeyId:
  StartDate: 06.05.2021 7:38:47
  Value: VALUE OF YOUR SECRET KEY
}

</code>

  * Tenant - Tenant UUID 
  * National cloud - In which cloud is you tenant located (Global, China, Germany, UsGovernment)
  * Proxy port - If you want to use some proxy set the port otherwise leave the default value (0) and proxy will be ignored
  * Proxy hostname - Proxy hostname
  * Proxy username - Proxy username - fill this if your proxy need authentication 
  * Proxy password - Proxy password - fill this if your proxy need authentication
  * Username
  * User password 

**Schema**

Connector will generate default schema for object class __ACCOUNT__ with two attributes 'Name' and 'memberOf'

Connector will generate default schema for object class __GROUP__ three attributes 'Name', 'displayName' and 'description'