# Microsoft Teams Notification

{% hint style="info" %}
The Microsoft Teams bot for Cisco Identity Intelligence is currently <mark style="color:$warning;">only available within the US Duo deployment</mark>, for architectural reasons related to Teams app requirements.  Cisco is working to expand access within Microsoft's framework for Teams apps and the Teams marketplace.
{% endhint %}

## Overview <a href="#overview" id="overview"></a>

Identity Intelligence can integrate with one or more Microsoft Teams instances to provide notifications and in some cases automation of frequently recurring identity tasks.

### Audience <a href="#audience" id="audience"></a>

This document is intended for identity security, IAM, and IT administrators responsible for integrations between identity, security, and collaboration platforms, including notifications, alerting, and incident remediation.

### Benefits <a href="#benefits" id="benefits"></a>

Integrating the Identity Intelligence platform with your Teams environment allows for fast notification and remediation of both failed identity health checks and also individual user identity issues or investigations.

For more information, please see the corresponding article detailing different types of notifications and collaboration available from Identity Intelligence.

## Requirements <a href="#requirements" id="requirements"></a>

The following requirements exist for the Teams notifications integration:

1. Azure AD must **first** be configured in your Identity Intelligence tenant for Azure tenant that underlies your Teams environment
2. A Teams admin account is required to upload the Identity Intelligence Bot for Teams via the Teams admin center
3. A Team or Channel owner role is required to add the Identity Intelligence Bot app to the desired channel

### Important Notes

1. The Teams app **cannot be added to a private Teams channel**, due to Microsoft restrictions on third party apps
2. The current Teams app **only connects with US production Identity Intelligence tenants**.  See notice above.

## High-level Integration Steps

The current steps to configure this functionality are as follows.

1. Configure the [Azure AD integration](https://docs.oort.io/docs/azuread) for your Identity Intelligence team to the corresponding Azure tenant where the Teams environment resides (**required**)
2. Download the Identity Intelligence (Oort) Production Teams App (zip file below).  If you have any issues downloading the file, contact your Cisco Support representative

{% file src="<https://582105988-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqPSBzsjxd7KYg9DNVZ4l%2Fuploads%2Fb1iLnQhUSGCdbN0qsFoj%2FMicrosoft%20Teams%20-%20Oort%20Production%20Bot.zip?alt=media&token=b111a13e-fcfa-4256-9445-f474f18e581b>" %}

3. Install the Identity Intelligence (Oort) Teams communication bot in your Teams tenant as an administrator
4. Configure Teams notifications for the desired checks and events in the Identity Intelligence console

### Installing the Identity Intelligence app in your Teams environment <a href="#installing-the-oort-app-in-your-teams-environment" id="installing-the-oort-app-in-your-teams-environment"></a>

1. From within the [Teams admin center](https://admin.teams.microsoft.com/) console, select **Teams apps -> Manage apps**
2. Click **+ Upload** and then **Upload** again
3. Select the ZIP file, provided above, and upload it
4. After successful upload, click the link to manage the app
5. From here you will be see the details of the app

### Adding the Identity Intelligence app to a Teams channel or team <a href="#adding-the-oort-app-to-a-teams-channel-or-team" id="adding-the-oort-app-to-a-teams-channel-or-team"></a>

To add the app to a Team or Channel, perform the following steps.

**Note - You must be signed into Teams with an account that has the Owner role for the Team and Channel where you want to install the Identity Intelligence (Oort) Bot for use in your organization.**

1. Select the desired Team and click the three dot menu. Select **Manage team**
2. Select the **Apps** tab and then **More apps** button on the right. Click the **Identity Intelligence (Oort) Bot**. If there are many apps under *Built for your org*, then click **See all** on the right side
3. Click **Add to a team**
4. Select the desired Team and channel and click **Install bot**
   1. If you a receive a **Something went wrong** message, this means that the account you're signed into Teams with is not an owner of that Team or channel and doesn't have permissions to install applications. Sign out and sign in with an account that is an owner of the desired Team
5. From the Manage channel -> Apps tab, you should now see the Identity Intelligence (Oort) Bot in your app list

You must now proceed to the next section to add Teams as a notification target within Identity Intelligence.

### Adding a Teams notification target in Identity Intelligence <a href="#adding-a-teams-notification-target-in-oort" id="adding-a-teams-notification-target-in-oort"></a>

1. Within your Identity Intelligence tenant console, navigate to **Integrations** and **Add Integration**. You should now see a Microsoft Teams tile under the Notification Targets category.
2. Click **+ Add MS Teams Target**
3. Provide a **Name** and **Description** for the notification target. NOTE: more than one target can be configured to the same Teams tenant
4. Select either **Failed checks** or **Data collection**, or both, for the types of notifications to send to this target
   1. **Failed checks** notifications provide Teams notifications on a daily basis of net-new users failing specific health checks. Please see below
   2. **Data collection** provides a daily update notification upon successful user data collection from one or more integrations
5. Select the desired Microsoft Teams environment
6. Enter the desired **channel name** OR **specific person via UPN** (e.g. <firstname.lastname@company.com>) where the notifications should go to\
   \
   **Select Checks Manually**: Check the box next to everything to check for. Use the search field to search for checks by name.\
   \
   When you're finished, click **Add Checks** and select the check box next to each check to add.\
   \
   **Select Checks by Category**: Check the box next to every Severity (or click **All** to select all severities), then check the box next to every **Topic** (or click **All** to select all topics).
7. Click **Save**
8. You will now see a Teams entry for both Instant Messaging (direct msgs to users or their managers) and Notification targets
9. You can test connectivity using the three dot menu on the right side of the integration object
10. A successful test message will be sent to the target indicating this is a "verification" message

{% hint style="info" %}
Using the **Test** button for a notification target on a specific check page will send a test message to the signed in user, NOT the configured channel, to verify any custom messages look as intended
{% endhint %}

### Configuring Teams Notifications for Identity Intelligence Checks <a href="#configuring-teams-notifications-for-oort-checks" id="configuring-teams-notifications-for-oort-checks"></a>

Now that the Teams integration is in place, configure one or more check types to send notifications to the configured channel.

For example, for the Inactive Users check, you can send Failure Reports to the Teams notification targets once a day. This occurs when data is collected and processed by Identity Intelligence.

You can also send direct messages to users or their manager upon failure of a particular check. This is useful when the user or the manager can take direct action to remediate the issue.

For example, a manager of an inactive user can submit a ticket or begin the process to deactivate an inactive user account if that user no longer needs access.

### Deleting the Identity Intelligence app for Teams <a href="#deleting-the-oort-app-for-teams" id="deleting-the-oort-app-for-teams"></a>

Should it be necessary to delete the Identity Intelligence app from your Teams environment, simply find it in the **Manage apps** screen and click it to see details.

From this screen, the three dot menu will provide an option for **Actions -> Delete**.