Breadcrumbs

Set up Azure & Configure Salesforce authentication

Prerequisites

To create Teams meetings, a Microsoft Azure account is required. Note that the API is only designed to be accessed by an Azure developer account, a work account, or a school account. Personal accounts do not have access to the ability to create Teams online meetings.

Integration setup with a work account

To use the integration with a business account, you must have Microsoft 365, and access to Microsoft Entra ID (formerly Azure Active Directory). The user that is configuring Microsoft Azure must also have logged into Teams previously in order to create meetings.

Set up GoMeddo Application in Azure

The first thing needed is to set up a new custom application in Microsoft Entra ID that will be used to generate the authentication and authorization info for GoMeddo connections.

The process for setting up the application will involve:

  1. Creating an application record

  2. Configuring API permissions

  3. Generating a client secret to be used in Salesforce

  4. Specifying a redirect URI in Azure for GoMeddo (completed after creating the record in Salesforce)

App Setup

  • Navigate to the Microsoft Entra ID home page

  • Create a new App from the App Registrations link along the left hand side and click on New Registration

54A9dSSl_GUs-NcGoT7v5-R4B2ewUlBMrXFQo0Ie_cYMz_oEvNaa8xQWIA-xPvip8fu7uIvDe_qbpl5onO7VdUa5tugDr8Mw8buF8zt6_4ysiTpHVJYI2OqTaw6RBFoQ7s9qtBKtnIpzbZA-3g

  • Provide a name for the app (e.g. GoMeddo) and leave the supported account type on single tenant

    • We will fill in the redirect URI in a later step

  • Click Register


API Permissions Setup

  • Click on API permissions from the left-hand side of the application you have created.

  • Click + Add a permission

    • Select Microsoft Graph

    • Select the following Delegated permissions (you can select them in one go):

      • Mail.Read

      • Offline_access

      • OnlineMeetings.ReadWrite

      • User.Read

    • Click Add permissions

  • Click + Add a permission

    • Select Microsoft Graph

    • Select the following Application permission:

      • OnlineMeetings.ReadWrite.All

    • Click Add permissions

  • Click on Grant Admin Context for MSFT.

  • Click Yes

  • Your page should now look like this:

    Screenshot 2024-01-10 at 15.02.38.png
    API permissions - Please see as well

Certificate Setup

Next we will create the client key and secret (to be used in Salesforce).

  • Click on the Certificates & secrets Menu item on the left hand side. 

  • Click on New client secret

  • Enter a new description and the expiration of the secret. You can choose whatever you like or keep the default.

  • Click Add

Important: Copy and save the Value for later use when setting up authentication in Salesforce. You will not be able to access it again if you navigate away from the page (you will have to create a new one)

Screenshot 2024-01-10 at 15.05.30.png
Certificates & secrets

Setup Salesforce

Setup Auth. Provider in Salesforce

To set up an Auth. Provider in Salesforce, follow these steps:

  1. Open Salesforce in a new screen

  2. Go to Setup > Auth. Providers

  3. Add a new provider and choose "Open ID Connect" as the type

  4. Fill in a Name and press Tab, this will also fill in the URL Suffix

  5. Go back to your Azure screen > Microsoft Entra ID > App Registrations > All applications > “Your New App” and copy the Application (client) ID

  6. Go back to your Salesforce screen and paste the value in the Consumer Key field

  7. Fill the Consumer Secret field with the value that you copied earlier when creating the Certificates & Secrets in Azure

  8. Navigate back to Microsoft Azure > Microsoft Entra ID > “Your App Name”

  9. Click Endpoints. Copy down the following two URLs:

    • OAuth 2.0 authorization endpoint (v2)

    • OAuth 2.0 token endpoint (v2)

      wA6Q0fEJiLDrPHE2uatPbcDba_jcUJlllnoMhahjF4EtzTcBl48HLrsHQPBFohBZr-agLLWN39dOQRVGWyIGRRvtho0-IvsI00rK_3y-zy6-n7XfZiK7AmqH3Mn6BO9dUSNDtXmvaEtXsHwkug

  10. Fill the Authorize Endpoint URL with the OAuth 2.0 authorization endpoint (v2) value you just copied

  11. Fill the Token Endpoint URL with the OAuth 2.0 token endpoint (v2) value you just copied

  12. Ensure that the three below checkboxes are checked:

    1. “Send client credentials in header”

    2. “Send access token in header”

    3. “Include Consumer Secret in SOAP API Responses”

  13. Click Save.

  14. After you create the record, scroll down to the Salesforce Configuration section. Copy the URL listed for Callback URL.

  15. Navigate back to Microsoft Azure > Microsoft Entra ID > “Your App Name” > Authentication

  16. Click on + Add a platform

  17. Select Web

  18. Paste the Callback URL you just copied in the Redirect URis field in Azure

  19. Click Configure

Create External Credential in Salesforce

  1. Go back to your Salesforce screen

  2. Go to Setup > Named credentials

  3. Navigate to the External Credentials tab

  4. Click New

  5. Name it “GoMeddoTeams”, and choose OAuth 2.0 as the protocol

  6. Then add scope: Mail.Read Offline_access OnlineMeetings.ReadWrite User.Read

  7. Choose the Authentication Provider from the previous step

    Screenshot 2024-01-05 at 10.45.45.png

     

  8. Click Save

  9. Scroll down to Principals list

  10. Click New

  11. Fill in a Parameter Name, this can be anything

  12. Leave the Sequence Number as-is

  13. Make sure the Identity Type is set to Named Principal

  14. Give it the same scope as the external credential: Mail.Read Offline_access OnlineMeetings.ReadWrite User.Read

    Screenshot 2024-01-05 at 10.45.16.png

  15. Click Save

  16. Scroll down to the Principals list again. Click on the down arrow under Actions and press Authenticate:

    Screenshot 2024-01-05 at 10.46.43.png

  17. (This step my be skipped automatically) Press Allow. If Azure was properly configured with the Redirect URI, the credentials will successfully authenticate. Note: you may be prompted to log in to Azure again.

  18. Afterwards, Salesforce will inform you that it was successful.

    Screenshot 2024-01-05 at 10.56.15.png

Create Named Credential in Salesforce

  1. Go to Setup > Named Credentials

  2. Click New under Named Credentials (not External Credentials this time)

  3. Add a Label, and add MS_Teams_Named_Credential as the name.

  4. Add https://graph.microsoft.com/v1.0/me/onlineMeetings to the URL field

  5. Add the External Credentials "GoMeddoTeams" and include "GMTeams" in Allowed Namespaces

  6. Leave the rest as-is

  7. Click Save

Screenshot 2024-01-10 at 13.12.42.png

Map Principal to Permission Set in Salesforce

  1. Go to Setup > Permission Sets

  2. Select an existing Permission Set, or create a new one. This Permission Set will make sure that Reservations created by users contain a Teams link.

  3. Within the Permission Set, go to External Credential Principal Access

  4. Click Edit

  5. Select the Principal from the previous step in the left column, and add it to the right column

  6. Click Save

  7. Assign this permission set to any user that should generate Teams links for the reservations they create.

Make sure to assign this Permission Set to any user that should generate Teams links for Reservations they create!

Continue

Proceed to Set the meeting url using a flow