This article describes the necessary steps to configure the connection between Microsoft Teams and SMARTFENSE, enabling authentication and communication through Microsoft Graph API.
Important considerations for configuring the integration with Microsoft Teams:
Follow the configuration guide to complete the required fields on the platform. The user performing the configuration in Microsoft Entra ID must have administrative permissions.
Authorize the integration between SMARTFENSE and Microsoft Teams. The user who authorizes the integration must be a Microsoft Entra ID administrator and also have an Administrator role in the SMARTFENSE platform.
Verify the connection to ensure that the process was completed successfully.
The account (Microsoft Entra ID user) that performs the authorization will be the account from which notifications are sent. This user cannot receive Teams notifications from the SMARTFENSE platform (self-notifications are not possible). Therefore, this user cannot be included in SMARTFENSE campaigns when this notification method is used. It will not be delivered to the same user even when using the “Send me Test” button. To perform a test, the campaign must be sent to a different user.
Configuration in Microsoft Azure
Log in to the Azure portal: https://portal.azure.com/.
In the left sidebar menu, select Microsoft EntraID.
Click on App Registrations.
Select New registration from the top menu.
In the Name field, enter SMARTFENSE.
Under Supported account types, select Accounts in this organizational directory only (Defense Balance SL only - Single tenant).
In the Redirect URI field, enter:
https://www.smartfense.comPress the Register button.
Application Identifiers
Once the application is created:
Copy the values from the Application (client) ID and Directory (tenant) ID fields.
Paste these values into the SMARTFENSE platform, in the Application ID and Directory ID fields, respectively.
Response URL Configuration
In the newly created application, select the Redirect response URLs option within the Overview > Settings menu.
Add the following response URL:
https://instancename.takesecurity.com/config/microsft-teams-auth/callback/Click Save.
API Permissions Assignment
Select API Permissions in the left Manage menu.
Press the Add button to open the Add API access menu.
Select the Microsoft Graph API.
-
Assign the following delegated permissions:
Create chats: Chat.Create
Send user chat messages: ChatMessage.Send
Read all users full profiles: User.Read.All
Click Update permissions in the Add API access section.
Then, press Grant permissions in the Required permissions section.
Creating the Secret Key
In the Settings menu, select Certificates & secrets.
Press New client secret.
In the Key description field, enter SMARTFENSE.
Select an expiration option according to your security policies.
| Warning: when the expiration date is reached, the connection will stop working. You will need to generate a new key and verify connectivity. During this period, users will not be able to authenticate in campaigns that require login. |
Click Save to generate the Value field.
Copy the generated value immediately, as it is only shown once and cannot be retrieved later.
Connection with SMARTFENSE
Paste the secret key value copied in the previous step into the SMARTFENSE platform, in the Application secret key field.
Click Check connectivity to validate that the configuration has been done correctly.
| Warning: ad-blocking extensions, such as AdBlock Plus, may interfere with this test. It is recommended to temporarily disable them before running the check. |
💡 Mejores prácticas
Verify Microsoft Graph permissions before testing the connection to avoid authentication errors.
Store the Bot User OAuth Token and the Application secret key in a secure place.
Set internal alerts before the key expiration date to renew it in time.
Disable any script-blocking extensions before running the Check connectivity test.