# Creating a Microsoft Teams Enterprise Workbot
DEPRECATION NOTICE
This page uses the Microsoft Teams Developer Portal (opens new window) to create and manage an app. As of January 1, 2022, Microsoft has deprecated App Studio.
The approach outlined on this page is the new, recommended method, but the App Studio instructions have been retained for reference.
Enterprise Workbots are Microsoft Teams apps you create that can leverage the Workato bot platform under the hood. You can fully customize your bot's identity, such as:
- Branding (bot name, bot logos, accent color)
- Custom OAuth profile (bot ID, App secret)
- Permissions
These Microsoft Teams apps can be sideloaded into your Microsoft Teams groups or channels for use by your members. If you want control over your bot's branding and permissions or multiple purpose-specific bots, Enterprise Workbots are for you.
# Setup requirements
To set up an Enterprise Bot, you must have the following:
In Workato:
- Access to:
- Workbot. If you don't see the Platform > Workbot option in your account, contact your Customer Success Manager.
- Custom OAuth profiles. If you don't see the Tools > Custom OAuth Profiles option in your account, contact your Customer Success Manager.
- Privileges that allow you to:
- Create and configure Workbots.
- Create and configure Custom OAuth Profiles.
- Access to:
In your Microsoft organization:
- One of the following roles:
- Application administrator
- Cloud application administrator
- Global administrator
- Privileged role administrator
DELEGATED PERMISSIONS AND APPLICATION PERMISSIONS
You can set up an Enterprise Workbot to use either Delegated or Application permissions (opens new window). Delegated permissions, set as the default option, use the OAuth user's permissions to establish the connection in Workato. The user setting up the connection must have one of the preceding roles.
Using Application permissions requires additional set up in Microsoft Teams but enhances security compared to Delegated Permissions. This method ensures the connection remains independent of the user, avoiding disconnection when the user logs out and allowing a non-administrator to set up the connection.
Follow step 5 (optional) to set up Application permissions.
Check your role assignments in Microsoft (opens new window) by navigating to Users > You (select your name) > Assigned roles.
- One of the following roles:
# Step 1: Create the Workbot in Workato
Sign in to your Workato account.
Navigate to Platform > Workbot.
Click the Custom bot tab, then click + New custom bot.
Navigate to the Application field and select Workbot for Microsoft Teams.
Enter a name for the bot in the Name field.
Click Create new app. You are redirected to the Microsoft Teams Developer Portal (opens new window).
Keep this page open to complete the setup for your bot.
# Step 2: Create a Microsoft Teams app
- Step 2.1: Create the bot in Microsoft Teams Developer Portal
- Step 2.2: Create the app
- Step 2.3: Configure the bot permissions
- Step 2.4: Add the bot to Microsoft Teams
- Step 2.5: Configure authentication redirect URLs
# Step 2.1: Create the bot in the Microsoft Teams Developer Portal
Sign in to your Microsoft Teams account.
Navigate to the Tools > Bot Management (opens new window) page.
Click + New Bot.
Enter a name for the bot and click +Add. Use the same name as your app to avoid confusion.
Copy the Bot endpoint address from Step 4 of Workato's instructions. It should look similar to the following example:
https://app.workato.com/skype_webhooks/event?coak_id=42
Click Save.
Copy the Bot ID from the page's URL. It should look similar to the following example:
https://dev.teams.microsoft.com/bots/<YOUR-BOT-ID>/configure
Keep this information somewhere handy for use in later steps.
Navigate to the Client secrets section and click Add a client secret for your bot.
Copy the secret and keep it handy for later set up steps in Workato. Note that each secret is only shown once.
# Step 2.2: Create the app
Sign in to the Microsoft Teams Developer Portal (opens new window).
Open the Apps page and click + New app.
Fill in the following required fields:
- Short description
- Long description
- Developer info
- App URLs
- Privacy policy
- Terms of use
Navigate to Basic Information and copy the Bot ID from step 2.1 to the Application (client) ID field.
Click Save.
Navigate to Branding section and set up the branding for the bot.
Navigate to the Domains section of your app, click Add a domain, and enter *.workato.com
.
# Step 2.3: Configure the bot's permissions
Navigate to App features and click Bot.
Select your newly created bot from the drop-down menu.
Navigate to What can your bot do and check Upload and download files.
Choose Select the scopes in which people can use this command and check Personal
, Team
, and Group Chat
.
Click Save.
Click Add a command.
Define the following:
- Command: Enter
help
. - Description: Enter
Type 'help' to view available commands
. - Scopes: Check
Personal
,Team
, andGroup Chat
.
Click Save again.
# Step 2.4: Add the bot to Microsoft Teams
Go to an Microsoft Teams channel and open a one-on-one chat or a group chat.
Type @
in the text box and select Get bots.
Locate your bot and add it to Microsoft Teams.
# Step 2.5: Configure authentication redirect URLs
Navigate to your Microsoft Teams Developer Portal (opens new window).
Click the search bar, enter App Registration
, and select the result.
Click your bot on the page that displays.
Use the left navigation bar to click Authentication.
Navigate to Platform configurations, click +Add a platform, and select Web.
Enter the redirect URI, depending on your data center:
- US Data Center:
https://www.workato.com/oauth/callback
- EU Data Center:
https://app.eu.workato.com/oauth/callback
- JP Data Center:
https://app.jp.workato.com/oauth/callback
- SG Data Center:
https://app.sg.workato.com/oauth/callback
- AU Data Center:
https://app.au.workato.com/oauth/callback
Click Save near the top of the page.
# Step 3: Configure Workato to talk to the app
Navigate back to the Workato page from Step 1.
Go to the Step 3 section and fill in the following fields:
- Bot ID: The Bot ID from the previous section. Also located in Tools > Bot management > Your bot.
- Client secret: The client secret from the previous section.
- App ID: Located in Apps > Your app > Basic Information.
Click Save.
# Step 4: Publish to your org
Open your Microsoft Teams portal and click Publish in the top navigation bar.
Select Publish to your org. The publish request is published when your Microsoft Teams admin approves the request.
# Step 5: Set up Application permissions (optional)
To set up the Workbot app with Application permissions instead of Delegated permissions, follow this additional step to configure them in Microsoft Teams.
Last updated: 3/26/2024, 10:00:01 PM