Configuring settings to launch Microsoft Teams chat from incidents

By using Microsoft Teams chat capability directly from an incident, service desk agents and major incident management teams in your organization can collaborate within the organization to effectively resolve incidents, especially major incidents. As an administrator, you configure the following settings so that the service desk agents, specialists, or major incident management team members can launch the Microsoft Teams chat directly for collaboration from an incident ticket. 

Related topics

Managing-and-tracking-major-incidents
Quickstart: Register an application with the Microsoft identity platform

Launching ChatOps for collaboration

To launch Microsoft Teams from the major incident screen, you must configure the following settings in the Azure Portal:

  1. Register an application in Azure AD.
  2. Generate Client ID and a Secret Key.
  3. Update permissions in the Azure application.
  4. Add Redirect URI.
  5. Update the configuration form.

To use BMC HelixGPT to launch ChatOps, see Configuring Microsoft Teams bot for streamlining incidents

Before you begin

  • Ensure that you have an Azure account that has an active subscription, and you have the application administrator permissions in Azure.
  • You have Application administrator role or the permission to manage applications in Azure Active Directory (Azure AD).

To register an application in Azure Active Directory

In this step, register a new application in Azure AD and define the type of account. This application is intended to be used for collaboration only by users in your tenant.

  1. Sign in to the Azure portal.

  2. In Manage Azure Active Directory > App registrations, click +New registration.

    App_Registrations.png
     
  3. In the Name field, enter a display name for the application.
  4. From the Supported accounts type options, select Accounts in this organizational directory only (<company name> only - Single tenant).

App_Registrations_Screen_Details.png
 

  1. Click Register.

To generate Secret ID

The Secret ID is used by the application to identify and authenticate itself to launch Microsoft Teams from BMC Helix ITSM.

  1. In the Overview pane, under Client credentials, click Add a certificate or secret.

    Screen_3_AddCertificate.png
     
  2. Click +New client secret and then enter the details.
    Screen_3A_AddCertificate.png
     
  3. Click Add to generate the secret ID.
  4. Click the Copy icon to copy the Secret ID.
    You need to enter this Secret ID in the Collaboration Room Configuration form.
    Screen_4_ClientID.png
     

To update permissions in the MS Azure application

In this step, you configure the application access to Microsoft Graph.

  1. In the API permissions pane, click +Add a permission.
  2. On the Microsoft API tab, click Microsoft Graph.
  3. For What type of permissions does your application require?, select Delegated permissions.
  4. Add the permission as shown in the following image:

    Screen_5_Permissions.png

To add a Redirect URI

After the app is registered and authenticated, the authorization server sends the user to the redirect URI that you configure. Perform the following steps to add a redirect URI for BMC Helix ITSM:

  1. In the  Authentication pane, click +Add a platform.
  2. Select Web. In the Redirect URI, enter your Mid-Tier URL followed by pwa/assets/swarm/swarm.html.
    For example, https://hostname.bmc.com/arsys/pwa/assets/swarm/swarm.html
  3. Click Configure.
    Screen_5_Redirect_URI.png
     

To update the Collaboration Room Configuration form

BMC Helix ITSMneeds the details to launch Microsoft Teams chat for the users in your tenant. Perform the following steps to fill the Collaboration Room Configuration form with required details:

  1. Select Administrator Console > Application Administration Console.
  2. On the Custom Configuration tab, expand the Foundation option.
  3. Expand the Advanced Options, and then click Collaboration Room Configuration.
  4. Specify the details in the Collaboration Room Configuration Settings form, as shown in the following image.
    Entries_Collaboration_COnfig_Form.png
  5. Click Save.

To provide consent to initiate a chat

To launch Microsoft Teams chat from the incident screen, the Azure AD application administrator needs to provide a consent and approve it. You can use one of the following options to grant the permission:

  • As an Azure AD administrator or a user with permission to manage applications in Azure AD, you grant the permission upfront by clicking the permission URL.
    The URL format must be:
    https://login.microsoftonline.com/common/adminconsent?client_id= <Application Client ID>&state=12345&redirect_uri=https://localhost/myapp/permissions.
  • For the first time, when a major incident team member launches Microsoft Teams chat from the incident screen, the Azure AD application administrator receives a request to approve it. Sign in to the Azure portal and grant the permission.

Consent_Form.png

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*