# Microsoft Teams connector for Amazon AppFlow Microsoft Teams Microsoft Teams is a platform developed by Microsoft that helps teams collaborate through chat, online meetings, and more. If you're a Microsoft Teams user, your account contains data about your resources, including teams, groups, and channels. You can use Amazon AppFlow to transfer data from Microsoft Teams to certain AWS services or other supported applications. ## Amazon AppFlow support for Microsoft Teams Amazon AppFlow supports Microsoft Teams as follows. **Supported as a data source?** Yes. You can use Amazon AppFlow to transfer data from Microsoft Teams. **Supported as a data destination?** No. You can't use Amazon AppFlow to transfer data to Microsoft Teams. ## Before you begin To use Amazon AppFlow to transfer data from Microsoft Teams to supported destinations, you must meet these requirements: + You have a Microsoft account with which you've signed up for the following services: + Microsoft Teams. For more information about the Microsoft Teams data objects that Amazon AppFlow supports, see [Supported objects](#microsoft-teams-objects). + Microsoft 365. + The Microsoft 365 Developer Program. + In the Microsoft Azure portal, you've created an app registration for Amazon AppFlow. The registered app provides the client credentials that Amazon AppFlow uses to access your data securely when it makes authenticated calls to your account. For the steps to register an app, see [Register an application with the Microsoft identity platform](https://learn.microsoft.com/en-us/graph/auth-register-app-v2) in the Microsoft Graph documentation. + You've configured your registered app with the following settings: + You've added one or more redirect URLs for Amazon AppFlow. Redirect URLs have the following format: ``` https://region.console.aws.amazon.com/appflow/oauth ``` In this URL, *region* is the code for the AWS Region where you use Amazon AppFlow to transfer data from Microsoft Teams. For example, the code for the US East (N. Virginia) Region is `us-east-1`. For that Region, the URL is the following: ``` https://us-east-1.console.aws.amazon.com/appflow/oauth ``` For the AWS Regions that Amazon AppFlow supports, and their codes, see [Amazon AppFlow endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/appflow.html) in the *AWS General Reference.* + You've added the recommended permissions below. + You've created a client secret. Note the following values from your registered app because you provide them to Amazon AppFlow when you connect to your Microsoft Teams account: + Application (client) ID + Directory (tenant) ID + Client secret ### Recommended permissions Before Amazon AppFlow can securely access your data in Microsoft Teams, your registered app must allow the necessary permissions for the Microsoft Graph API. We recommend that you enable the permissions below so that Amazon AppFlow can access all supported data objects. If you want to grant fewer permissions, you can omit any permissions that apply to objects that you don't want to transfer. You can add permissions to your registered app by using the API permissions page in the Microsoft Azure portal. Configure your permissions as follows: + Under **Microsoft APIs**, choose **Microsoft Graph**. + For the permissions type, choose **delegated**. For information about delegated permissions, see [Permission types](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#using-the-admin-consent-endpoint) in the Microsoft identity platform documentation. + Add the following recommended permissions: + `User.Read` + `Offline_access` + `User.Read.All` + `User.ReadWrite.All` + `TeamsTab.ReadWriteForTeam` + `TeamsTab.ReadWriteForChat` + `TeamsTab.ReadWrite.All` + `TeamsTab.Read.All` + `TeamSettings.ReadWrite.All` + `TeamSettings.Read.All` + `TeamMember.ReadWrite.All` + `TeamMember.Read.All` + `Team.ReadBasic.All` + `GroupMember.ReadWrite.All` + `GroupMember.Read.All` + `Group.ReadWrite.All` + `Group.Read.All` + `Directory.ReadWrite.All` + `Directory.Read.All` + `Directory.AccessAsUser.All` + `Chat.ReadWrite` + `Chat.ReadBasic` + `Chat.Read` + `ChannelSettings.ReadWrite.All` + `ChannelSettings.Read.All` + `ChannelMessage.Read.All` + `Channel.ReadBasic.All` For information about these permissions, see the [Microsoft Graph permissions reference](https://learn.microsoft.com/en-us/graph/permissions-reference) in the Microsoft Graph documentation. + Enable the option to grant admin consent to your app. For more information, see [Admin consent](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#admin-consent) in the Microsoft identity platform documentation. ## Connecting Amazon AppFlow to your Microsoft Teams account Connecting to Microsoft Teams To connect Amazon AppFlow to Microsoft Teams, provide details from your registered app in Microsoft Azure so that Amazon AppFlow can access your data. If you haven't yet configured your Microsoft account for Amazon AppFlow integration, see [Before you begin](#microsoft-teams-prereqs). **To connect to Microsoft Teams** 1. Sign in to the AWS Management Console and open the Amazon AppFlow console at [https://console.aws.amazon.com/appflow/](https://console.aws.amazon.com/appflow/). 1. In the navigation pane on the left, choose **Connections**. 1. On the **Manage connections** page, for **Connectors**, choose **Microsoft Teams**. 1. Choose **Create connection**. 1. In the **Connect to Microsoft Teams** window, enter the following information about your registered app: + **Custom authorization tokens URL** – The directory (tenant) ID. + **Custom authorization code URL** – The directory (tenant) ID + The **Client ID** and **Client secret**. 1. Optionally, under **Data encryption**, choose **Customize encryption settings (advanced)** if you want to encrypt your data with a customer managed key in the AWS Key Management Service (AWS KMS). By default, Amazon AppFlow encrypts your data with a KMS key that AWS creates, uses, and manages for you. Choose this option if you want to encrypt your data with your own KMS key instead. Amazon AppFlow always encrypts your data during transit and at rest. For more information, see [Data protection in Amazon AppFlow](data-protection.md). If you want to use a KMS key from the current AWS account, select this key under **Choose an AWS KMS key**. If you want to use a KMS key from a different AWS account, enter the Amazon Resource Name (ARN) for that key. 1. For **Connection name**, enter a name for your connection. 1. Choose **Continue**. A **Sign in** window opens. 1. Enter your user name and password to sign in to your Microsoft account. 1. On the **Permissions requested** page, choose **Accept**. On the **Manage connections** page, your new connection appears in the **Connections** table. When you create a flow that uses Microsoft Teams as the data source, you can select this connection. ## Transferring data from Microsoft Teams with a flow Transferring data from Microsoft Teams To transfer data from Microsoft Teams, create an Amazon AppFlow flow, and choose Microsoft Teams as the data source. For the steps to create a flow, see [Creating flows in Amazon AppFlow](create-flow.md). When you configure the flow, choose the data object that you want to transfer. For the objects that Amazon AppFlow supports for Microsoft Teams, see [Supported objects](#microsoft-teams-objects). Also, choose the destination where you want to transfer the data object that you selected. For more information about how to configure your destination, see [Supported destinations](#microsoft-teams-destinations). ## Supported destinations When you create a flow that uses Microsoft Teams as the data source, you can set the destination to any of the following connectors: + [Amazon Lookout for Metrics](lookout.md) + [Amazon Redshift](redshift.md) + [Amazon RDS for PostgreSQL](connectors-amazon-rds-postgres-sql.md) + [Amazon S3](s3.md) + [HubSpot](connectors-hubspot.md) + [Marketo](marketo.md) + [Salesforce](salesforce.md) + [SAP OData](sapodata.md) + [Snowflake](snowflake.md) + [Upsolver](upsolver.md) + [Zendesk](zendesk.md) + [Zoho CRM](connectors-zoho-crm.md) ## Supported objects When you create a flow that uses Microsoft Teams as the data source, you can transfer any of the following data objects to supported destinations: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/appflow/latest/userguide/connectors-microsoft-teams.html)