Deployment Guide - OfficeDev/microsoft-teams-apps-incidentreport GitHub Wiki

To begin, you will need:

  • An Azure subscription where you can create the following kind of resources:
    • App service
    • App service plan
    • Bot channels registration
    • Azure storage account
    • Azure search
    • Application Insights
  • A team in Microsoft Teams with your group of experts. (You can add and remove team members later!)
  • A copy of the Incident Reporter app GitHub repo

Step 1: Register Azure AD applications

Register two Azure AD applications in your tenant's directory: one for the bot, and another for the configuration app.

  1. Log in to the Azure Portal for your subscription, and go to the "App registrations" blade here.

  2. Click on "New registration", and create an Azure AD application.

    1. Name: The name of your Teams app - if you are following the template for a default deployment, we recommend "Incident Reporter".
    2. Supported account types: Select "Accounts in any organizational directory"
    3. Leave the "Redirect URL" field blank.

  1. Click on the "Register" button.

  2. When the app is registered, you'll be taken to the app's "Overview" page. Copy the Application (client) ID; we will need it later. Verify that the "Supported account types" is set to Multiple organizations.

  1. On the side rail in the Manage section, navigate to the "Certificates & secrets" section. In the Client secrets section, click on "+ New client secret". Add a description for the secret and select an expiry time. Click "Add".

  1. Once the client secret is created, copy its Value; we will need it later.

  2. Go back to “App registrations”, then repeat steps 2-3 to create another Azure AD application for the configuration app.

    1. Name: The name of your configuration app. We advise appending “Configuration” to the name of this app; for example, “Incident Reporter Configuration”.
    2. Supported account types: Select "Account in this organizational directory only"
    3. Leave the "Redirect URL" field blank for now.

At this point you have 4 unique values:

  • Application (client) ID for the bot
  • Client secret for the bot
  • Directory (tenant) ID, which is the same for both apps
  • Application (client) ID for configuration app

We recommend that you copy these values into a text file, using an application like Notepad. We will need these values later.

Step 2: Deploy to your Azure subscription

  1. Click on the "Deploy to Azure" button below.

Deploy to Azure

  1. When prompted, log in to your Azure subscription.

  2. Azure will create a "Custom deployment" based on the ARM template and ask you to fill in the template parameters.

  3. Select a subscription and resource group.

  • We recommend creating a new resource group.
  • The resource group location MUST be in a datacenter that supports: Application Insights; and Azure Search. For an up-to-date list, click here, and select a region where the following services are available:
  • Application Insights
  • Azure Search
  1. Enter a "Base Resource Name", which the template uses to generate names for the other resources.
  • The app service names [Base Resource Name], [Base Resource Name]-config, must be available. For example, if you select contosoincidentreport as the base name, the names contosoincidentreport, and contosoincidentreport-config must be available (not taken); otherwise, the deployment will fail with a Conflict error.
  • Remember the base resource name that you selected. We will need it later.

  1. Fill in the various IDs in the template:

    1. Bot Client ID: The application (client) ID of the Microsoft Teams Bot app

    2. Bot Client Secret: The client secret of the Microsoft Teams Bot app

    3. Tenant Id: The tenant ID above

    4. Config App Client Id: The application (client) ID of the configuration app

    5. Config Admin UPN: Valid UPN for configuration app access.

Make sure that the values are copied as-is, with no extra spaces. The template checks that GUIDs are exactly 36 characters.

  1. If you wish to change the app name, description, and icon from the defaults, modify the corresponding template parameters.

  2. Add the team link in team link input field. Get the link to the team with your experts from the Teams client. To do so, open Microsoft Teams, and navigate to the team. Click on the "..." next to the team name, then select "Get link to team".

  3. Agree to the Azure terms and conditions by clicking on the check box "I agree to the terms and conditions stated above" located at the bottom of the page.

  4. Click on "Purchase" to start the deployment.

  5. Wait for the deployment to finish. You can check the progress of the deployment from the "Notifications" pane of the Azure Portal. It can take more than 10 minutes for the deployment to finish.

  6. Once the deployment has finished, you would be directed to a page that has the following fields:

  • botId - This is the Microsoft Application ID for the Incident Reporter bot.
  • appDomain - This is the base domain for the Incident Reporter Bot.
  • configurationAppUrl - This is the URL for the configuration web application.

Step 3: Set up authentication for the configuration app

  1. Note the location of the configuration app that you deployed, which is https://[BaseResourceName]-config.azurewebsites.net. For example, if you chose "contosoincidentreport" as the base name, the configuration app will be at https://contosoincidentreport-config.azurewebsites.net

  2. Go back to the "App Registrations" page here.

  3. Click on the configuration app in the application list. Under "Manage", click on "Authentication" to bring up authentication settings.

  4. Click on Add a platform, select Web.

  5. Add new entry to "Redirect URIs": If your configuration app's URL is https://contosoincidentreport-config.azurewebsites.net, then add the following entry as the Redirect URIs:

    Note: Please refer to Step 3.1 for more details about the URL.

  6. Under "Implicit grant", check "ID tokens" and "Access tokens". The reason to check "ID tokens" is because you are using only the accounts on your current Azure tenant and using that to authenticate yourself in the configuration app. Click configure.

  7. Add new entries to "Redirect URIs": If your configuration app's URL is https://contosoincidentreport-config.azurewebsites.net, then add the following entry as the Redirect URIs:

  8. Click "Save" to commit your changes.

Step 4: Create the Teams app packages

Create two Teams app packages: one for end-users to install personally, and one to be installed to the experts team.

  1. Open the Manifest\manifest_enduser.json file in a text editor.

  2. Change the placeholder fields in the manifest to values appropriate for your organization.

  • developer.name (What's this?)

  • developer.websiteUrl

  • developer.privacyUrl

  • developer.termsOfUseUrl

  1. Change the <<botId>> placeholder to your Azure AD application's ID from above. This is the same GUID that you entered in the template under "Bot Client ID".

  2. In the "validDomains" section, replace the <<appDomain>> with your Bot App Service's domain. This will be [BaseResourceName].azurewebsites.net. For example if you chose "contosoincidentreport" as the base name, change the placeholder to contosoincidentreport.azurewebsites.net.

  3. Save and Rename manifest_enduser.json file to a file named manifest.json.

  4. Create a ZIP package with the manifest.json,color.png, and outline.png. The two image files are the icons for your app in Teams.

  • Name this package incidentreport-enduser.zip, so you know that this is the app for end-users.
  • Make sure that the 3 files are the top level of the ZIP package, with no nested folders.

  1. Delete the manifest.json file.

Repeat the steps above but with the file Manifest\manifest_sme.json. Name the resulting package incidentreport-experts.zip, so you know that this is the app for experts.

Step 5: Run the apps in Microsoft Teams

  1. If your tenant has sideloading apps enabled, you can install your app by following the instructions here

  2. You can also upload it to your tenant's app catalog, so that it can be available for everyone in your tenant to install. See here

  3. Install the experts app (the incidentreport-experts.zip package) to your team of subject-matter experts.

  1. Install the end-user app (the incidentreport-enduser.zip package) to your users.

Troubleshooting

Please see our Troubleshooting page.

⚠️ **GitHub.com Fallback** ⚠️