MS Teams setup
- MSteams - mattermost - matterbridge integration
- Go to Microsoft Azure portal
- Go to App registrations
- Create a new App registration
- Set Permissions
- Set redirect URI
- Set application as public client
- Get necessary ID's for matterbridge
- Matterbridge configuration
This is a complete walkthrough about how to setup an example mattermost <=> microsoft teams integration using matterbridge.
Please read everything very careful!
Click on New Registration (top)
- Choose
graph API - Choose
delegated permissions - Add
Group.Read.All,Group.ReadWrite.AllandUser.Read. These permissions are needed for sending/reading chat messages in a channel. - Add
Files.Read,Files.Read.All,Sites.Read.All. These permissions are needed for reading the file attachments in messages.
This can take a while according to the message
You can now click on the Grant admin consent for yourorganization
You'll get a popup with the permissions you just added. Agree
This will take a few minutes again :)
Afterwards you'll see green checkboxes for the permissions
This needs to be set otherwise the delegation doesn't work. Click on "Add a redirect URI"
Just fill in something like http://localhost:12345/matterbridge
Scroll down a bit
Set Treat application as a public client. to Yes
Don't forget to click Save on top of the page
Click on overview, left upper link.
You'll see 2 ID's, these are needed for the matterbridge configuration.
- Tenant ID
- Client ID
Go to your teams website https://teams.microsoft.com should work.
Find your team, click on the 3 dots and select get link to team
This will get you a popup, click copy.
If you paste it you'll get something like
The groupID is the TeamID you need to configure matterbridge.
Next you have to decide which channel you want to bridge with for example mattermost.
In our setup we have the team matterbridge with 2 channels General (a default channel for every team) and newchannel one I created.
You'll find the channel ID in the URL in the threadId=19:82abcxxxxxxxxx@thread.skype
Note this ID 19:82abcxxxxxxxxx@thread.skype, we will need it when configuring the bridging.
Create an empty matterbridge.toml file
You should know have all the three ID's to configure matterbridge:
[msteams.teams]
TenantID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
ClientID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
TeamID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
RemoteNickFormat="[{PROTOCOL}] <{NICK}> "add this to the matterbridge.toml file
See als the wiki
Configure this for your setup and add this to the matterbridge.toml file
[mattermost.mymattermost]
#The mattermost hostname. (do not prefix it with http or https)
Server="yourmattermostserver.domain:443"
#the team name as can be seen in the mattermost webinterface URL
#in lowercase, without spaces
Team="yourteam"
#login/pass of your bot.
#Use a dedicated user for this and not your own!
Login="yourlogin"
Password="yourpass"
RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
PrefixMessagesWithNick=trueIf you want to bridge the testing channel in mattermost with the general channel in msteams the configuration will look like this:
[[gateway]]
name="gw"
enable=true
[[gateway.inout]]
account = "mattermost.mymattermost"
channel = "testing"
[[gateway.inout]]
account="msteams.teams"
channel="19:82caxxxxxxxxxxxxxxxxxxxxxxxx@thread.skype"The strange channel 19:82caxxxxxxxxxxxxxxxxxxxxxxxx@thread.skype can be found in this documentation at the ChannelID header above.
Your matterbridge.toml file should contain:
[msteams.teams]
TenantID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
ClientID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
TeamID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
[mattermost.mymattermost]
Server="yourmattermostserver.domain:443"
Team="yourteam"
Login="yourlogin"
Password="yourpass"
RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
PrefixMessagesWithNick=true
[[gateway]]
name="gw"
enable=true
[[gateway.inout]]
account = "mattermost.mymattermost"
channel = "testing"
[[gateway.inout]]
account="msteams.teams"
channel="19:82caxxxxxxxxxxxxxxxxxxxxxxxx@thread.skype"Now you can start matterbridge by running matterbridge -conf matterbridge.toml
The first time you start matterbridge it'll ask you to authenticate the app on behalf of you. You can do this from your own account or use a specific bot account for it.
Matterbridge can only read/send to the channels the account is in
[0003] INFO router: Starting bridge: msteams.teams
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code C8EGY6384 to authenticate.Go to the URL as specified and enter the code.
You'll now get a popup to consent, this is everything that matterbridge has access to. For now it'll only use read all groups and read and write all groups to read and send messages.
Afterwards you should see this window
And matterbridge will continue to start-up
Matterbridge by default will write a sessionfile containing tokens to the directory where matterbridge is running. It'll be a file called msteams_session.json. This files contains the necessary credentials so that matterbridge can restart/renew without asking the device login again.
Be sure to keep this file secure!
You can choose another path/filename, by adding SessionFile="yourfilename" to the [msteams.teams] configuration.