The installation consists of several steps, which are described in detail below. TechWolf needs to configure the Skill Assistant to work with your tenant, you need to give the app the right permissions, and you need to install the app in your Teams environment.

1

Share your Azure Tenant ID with TechWolf.

Share your Azure Tenant ID with TechWolf. TechWolf will configure the Skill Assistant to work with your production tenant. Follow the steps in Get Azure Tenant ID to find your Azure Tenant ID.

2

Install in Teams

Install the Skill Assistant in your Microsoft Teams environment by following these steps

3

Install for users

Install the Skill Assistant for users following these steps

4

Link Microsoft users to TechWolf Employees

We need a method to link Employees in the TechWolf API to Teams Users in Microsoft Teams. See Linking Microsoft Teams users and TechWolf Employees .

Install the Skill Assistant in Teams

1

Go to your Teams admin page

Go to your Teams admin page.

2

Navigate to Manage apps

Go to Teams apps -> Manage apps

3

Search TechWolf Skill Assistant

Type “TechWolf Skill Assistant” in the search bar.

4

Click on TechWolf Skill Assistant

Click on the name of the “TechWolf Skill Assistant” app.

5

Navigate to the Permissions tab

Navigate to the Permissions tab (1).

6

Grant permissions

Grant the app the required permissions. Do so by pressing Grant admin consent (2). This will open a pop up.

7

Select account

Select your account and log in if necessary (1).

8

Accept permissions

Review the required permissions and grant them, by clicking Accept (2).

Installing the Skill Assistant for users

Depending on your organisation’s workflow to install apps for employees, you should now install the Skill Assistant for your employees. We recommend the following workflow:

1

Setup user groups

The easiest way to install the app for a subset of users is to create a group in Azure AD and assign the app to that group. This way, you can easily manage who has access to the app. To create a group, follow the Microsoft guide on creating a group.

2

Update permission policy

If the existing permission policy does not allow third-party apps, you need to update the policy to allow the TechWolf Skill Assistant. You can do this by following the Microsoft guide on updating permission policies.

3

Install the app using setup policies

You can install the app for a group of users using setup policies. Follow the Microsoft guide on setting up policies.

This can take a significant amount of time. We advise to install the users at least 1 week before the go-live date.

Some users might need to restart their Teams to get the app installed.

If there are still users that don’t have the app after a week, the force installation using the next step needs to be done.

4

Force install using Graph API

If the app is not installed for all users, you can force the installation for the remaining users using the Microsoft Graph API by following these steps.

Force installing the app using the Microsoft Graph API

If the app is not installed for all users, you can force the installation for the remaining users using the Microsoft Graph API.

1

Create file with Azure IDs

Create a text file containing all Azure IDs of the people for which the app needs to be installed. This file is structured as a list of the Azure IDs, separated by newlines.

azure_id_1
azure_id_2
azure_id_3
...
2

Download the script

We created a template script that you can use to force install the app.

Download the script

3

Create a new service principal

Create a new service principal in Azure AD to run the script. Follow the Microsoft guide on creating a service principal.

4

Create a client secret

A client secret is needed to run the script.

In the newly created service principal, select Certificates & secrets.

Select Client secrets, and then select New client secret and click Add.

You will need this secret later to run the script.

5

Add the permission

The script requires the TeamsAppInstallation.ReadWriteForUser.All and User.Read.All permissions.

In the service principal, select API permissions.

Click on Add a permission and select Microsoft Graph.

Select Application permissions and search for TeamsAppInstallation.ReadWriteForUser.All and select it.

Search User.Read.All and select it too.

Click on Add permissions to add the permission.

Select the added permissions and click Grant admin consent.

6

Fill in the variables

Fill in the variables in the script:

  • $FilePath: the path to the previously created file (from Step 1) containing the Azure IDs
  • $ApplicationID: The Application Client ID of the newly created service principal (from step 3)
  • $ClientSecret: The Application Client Secret of the newly created service principal (from step 4)
  • $TenantID: The tenant ID of your Teams instance
7

Run the script in Powershell

Run the script in Powershell.

In Azure Portal, click in the top right on the Cloud Shell icon.

Click on Manage files and upload the file with Azure IDs and the filled in script. Run the script by typing ./script.ps1.

Linking Microsoft Teams users and TechWolf Employees

An important step of the installation is to link Employees with Teams users. To be able to reach an Employee on Teams, we must know the Employee’s corresponding Azure ID, which can be different from the external_id used in the TechWolf API.

There are two options to link the two IDs:

  1. Through Microsoft Graph (preferred)
  2. Through Custom Properties

If this is set up correctly, the TechWolf Skill Assistant will be able to fetch all suggestions and their corresponding Employee Azure IDs, and send them to the right Teams user.

Through Microsoft Graph (preferred)

The preferred method is to use the Microsoft Graph API to fetch the Employee ID property for each user. This requires the Employee ID property to be set in Azure for each user. In that case we can automatically link the Teams user to the TechWolf Employee.

Through Custom Properties

If the Employee ID property is not set in Azure, we can use a Custom Property for each Employee in the TechWolf API. The Azure ID should be stored in the Custom Property with the key employee_azure_id.

(Deprecated) Customer-hosted installation

This installation method is deprecated. However, if you are currently using this, it will continue to be supported for now.

An overview of the Customer-hosted installation process is shown below.

1

Create an Azure Bot Service

The first step is creating an Azure Bot Service in your Azure Portal. This will give you an App ID and a client secret.

2

Share the ID and secret

Share the ID and secret from step 1. with TechWolf, in addition with your Azure Tenant ID. TechWolf then configures the TechWolf bot backend, to be able to send and receive messages to and from your configured Bot Service.

3

Install app

TechWolf produces an app manifest, which can be used to install the bot in Teams. This manifest is created in line with the documentation provided by Microsoft. Install the bot in your Microsoft Teams environment.

4

Link Microsoft users to TechWolf Employees

We need a method to link Employees in the TechWolf API to Teams Users in Microsoft Teams. See Linking Microsoft Teams users and TechWolf Employees .

Creating an Azure Bot

1

Go to the Azure Portal

Go to the Azure Portal.

2

Create a resource

Select Create a resource.
3

Search bot

In the search box enter bot, then press Enter.

4

Select Azure Bot

Select the Azure Bot card.

5

Click Create

Click Create.

6

Fill in the fields

Fill in the required fields.

Make sure you select Multi Tenant under Type of App. While you might only have one tenant, Microsoft’s own tenant is part of the system, making it Multi Tenant.

7

Create

Click Review + Create, and finish the process by clicking Create.

8

Navigate to the Configuration

Navigate to the Configuration section in the side-panel.

9

Add messaging endpoint

Add the TechWolf {messaging endpoint}. This endpoint will be shared with you since this depends on your region.

10

Note Microsoft App ID

Take note of the Microsoft App ID, and apply changes. This App ID must later be shared with TechWolf.

11

Create secret

In the same view, above the Microsoft App ID field, click on Manage Password, or navigate to the Certificates & secrets page of the Bot’s corresponding App registration. Create a new client secret and take note of its values. The secret must later be shared with TechWolf.

12

Note Directory ID

While you are in the App registration, navigate to the overview and take note of the `Directory (tenant) ID.

13

Add Microsoft Teams as channel

Under Channels in the side-panel, add Microsoft Teams as a channel. (You have to click on the actual text to add it).

14

Share with TechWolf

Share (1) the previously created App ID, (2) client secret, and (3) Directory (tenant) ID with TechWolf.

Installing the bot in Teams

This section is only relevant to administrators of the Microsoft Teams environment of your company.

First upload the app to your Teams environment.

1

Go to Teams admin page

2

Go to Manage apps

Go to Teams apps -> Manage apps

3

Click upload app

Click Upload new App

4

Upload the app

In the pop-up, click on Upload and select the manifest (ZIP file) you received from TechWolf (in the Installation section, step 4).

Depending on your organisation’s workflow to install apps for employees, you should now install the Skill Assistant for your employees. We recommend the following workflow:

1

Setup user groups

The easiest way to install the app for a subset of users is to create a group in Azure AD and assign the app to that group. This way, you can easily manage who has access to the app. To create a group, follow the Microsoft guide on creating a group.

2

Update permission policy

If the existing permission policy does not allow third-party apps, you need to update the policy to allow the TechWolf Skill Assistant. You can do this by following the Microsoft guide on updating permission policies.

3

Install the app using setup policies

You can install the app for a group of users using setup policies. Follow the Microsoft guide on setting up policies.

This can take a significant amount of time. We advise to install the users at least 1 week before the go-live date.

Some users might need to restart their Teams to get the app installed.

If there are still users that don’t have the app after a week, the force installation using the next step needs to be done.

If the app is not installed for all users, you can force the installation for the remaining users using the Microsoft Graph API.

1

Create file with Azure IDs

Create a text file containing all Azure IDs of the people for which the app needs to be installed. This file is structured as a list of the Azure IDs, separated by newlines.

azure_id_1
azure_id_2
azure_id_3
...
2

Download the script

We created a template script that you can use to force install the app.

Download the script

3

Add the permission

The script requires the TeamsAppInstallation.ReadWriteForUser.All and User.Read.All permissions.

In the TechWolf application in Azure, select API permissions.

Click on Add a permission and select Microsoft Graph.

Select Application permissions and search for TeamsAppInstallation.ReadWriteForUser.All and select it.

Search User.Read.All and select it too.

Click on Add permissions to add the permission.

Select the added permissions and click Grant admin consent.

4

Fill in the variables

Fill in the variables in the script:

  • $FilePath: the path to the previously created file (from Step 1) containing the Azure IDs
  • $ApplicationID: The Application Client ID of the TechWolf application in Teams. See the screenshot below on how to find this ID.
  • $ClientSecret: The Application Client Secret of the TechWolf application in Azure. This can be the one shared with TechWolf
  • $TenantID: The tenant ID of your Teams instance
  • $OrgApplicationID: The external application ID of the TechWolf application in Teams. See the screenshot below on how to find this ID.

5

Run the script in Powershell

Run the script in Powershell.

In Azure Portal, click in the top right on the Cloud Shell icon.

Click on Manage files and upload the file with Azure IDs and the filled in script. Run the script by typing ./script.ps1.

Installing the Skill Management Tab

1

Access the Azure Portal

Navigate to the Azure Portal.

2

Configure Application Authentication

Go to the Authentication section under the Manage tab of your application (not the bot itself).

Select Add a Platform and choose Web. In the Redirect URI, enter the same {messaging endpoint} used in step 9 of Creating an Azure Bot, omitting /api/messages.

Enable Access tokens (for implicit flows) and ID tokens (for both implicit and hybrid flows).

Add the following Redirect URI: https://token.botframework.com/.auth/web/redirect.

Under “Who can use this application or access this API?”, select Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant).

3

Set API Permissions

In the API permissions section, add User.Read from Microsoft Graph as Delegated Permissions.

4

Expose an API

Go to the Expose an API section.

Set the Application ID URI to api://{tab endpoint}/botid-{app-id}. The {app-id} is the same as the Microsoft App ID from step 10 of Creating an Azure Bot. Similar to the {messaging endpoint}, the {tab endpoint} will be provided by TechWolf based on your region.

Click on Add a scope. In the panel that opens, enter access_as_user as the Scope name.

Set “Who can consent?” to Admins and users.

Fill in the fields for configuring the admin and user consent prompts with the following values:

  • Admin consent title: Teams can access the user’s profile
  • Admin consent description: Allows Teams to call the app’s web APIs as the current user.
  • User consent title: Teams can access your user profile and make requests on your behalf
  • User consent description: Enable Teams to call this app’s APIs with the same rights that you have

Ensure the scope is Enabled.

Include the following client application IDs for Microsoft Teams:

  • 1fec8e78-bce4-4aaf-ab1b-5451cc387264 (Teams Mobile/Desktop app)
  • 5e3ce6c0-2b1f-4285-8d4b-75ee78787346 (Teams Web app)

After completing these steps, please ensure that TechWolf sends an updated manifest with the tab enabled.

Was this page helpful?