Create Microsoft Azure application and authenticate users to access Employee Center in Microsoft Teams

  • Release version: Washingtondc
  • Updated January 30, 2025
  • 2 minutes to read

    • Create a Microsoft Azure application in the Microsoft Azure portal to enable agents to start and import the chat conversations, and assign permissions to users to view the Employee Center dashboard in the Microsoft Teams application.

    Before you begin

    Role required: Microsoft Azure admin

    Procedure

    1. Log in to the Microsoft Azure portal.
    2. Navigate to Azure Services > Microsoft Entra ID > Manage > App registrations.
    3. Select New registration.
      The Register an application form appears.
      Register an application
    4. Enter the name for your application, for example: ServiceNow Auth app, on the Register an application page.
    5. Select Accounts in this organizational directory only (Servicenow only - Single tenant).
      For more information on why this option is selected, see Identity and account types for single- and multi-tenant apps.
    6. Select Register.
      A new Microsoft Azure app is registered.
    7. Navigate to Manage > Authentication.
    8. Select Add a platform > Web.
    9. On the Configure Web form, fill in the fields.
      Table 1. Configure Web form
      Field Description
      Redirect URIs

      Provide the redirect URI. The redirect URI should be in the following format:

      https://<instance-url>/sn_now_teams_ms_login.do

      where <instance-url> is the ServiceNow instance URL.
      Implicit grant Select Access tokens and ID tokens.

      Configure web form

    10. Select Configure.
    11. Navigate to Manage > API Permissions > Add a permission > Microsoft Graph.
    12. Select Delegated permissions.
    13. Select Openid permissions accordion, and select email, offline_access, openid, and profile check boxes.
      Request API permissions
    14. Select Add permissions.
    15. In the API permissions screen, select the Grant admin consent for {tenant} link.
    16. Select Yes on the pop-up dialog box.
    17. Navigate to Manage > Expose an API.
    18. Select Set against Application ID URI, and enter the application URI in the format: api://<instance>.<domain_name>.com/<client_id>.
      Note:
      The client ID is the application ID from your Microsoft Azure portal.
    19. Select Save.
    20. Select Add a scope.
      In the Add a scope form, fill the following fields.
      Table 2. Add a scope form
      Field Description
      Scope name access_as_user
      Who can consent Admins and users
      Admin consent display name Teams can access the user’s profile.
      Admin consent description Allows Teams to call the app’s web APIs as the current user.
      User consent display name Teams can access the user profile and make requests on the user's behalf.
      User consent description Enable Teams to call this app’s APIs with the same rights as the user.
      State Enabled

      Add scope

    21. Select the Add scope button.
    22. Navigate to Authorized client applications > Add a client application.
    23. In the Add a client application form, fill the fields.
      Table 3. Add client application form
      Field Description
      Client ID

      • Microsoft Teams mobile/desktop application:

        1fec8e78-bce4-4aaf-ab1b-5451cc387264

      • Value for Microsoft Teams web application:

        5e3ce6c0-2b1f-4285-8d4b-75ee78787346
      Authorized scopes Check the authorized scope
      Note:
      For using Employee Center in Microsoft 365 applications, add the following client IDs:
      Table 4. Microsoft 365 applications client IDs
      Client ID Description

      4765445b-32c6-49b0-83e6-1d93765276ca

      Client ID for Microsoft 365 web application

      0ec893e0-5785-4de6-99da-4ed124e5296c

      Client ID for Microsoft 365 desktop application

      d3590ed6-52b3-4102-aeff-aad2292ab01c

      Client ID for Outlook desktop application web application

      bc59ab01-8403-45c6-8796-ac3ef710b3e3

      Client ID for Outlook web application

      27922004-5251-4030-b22d-91ecd9a37ea4

      Client ID for Outlook mobile application

      For more information on the client IDs, see Configure your tab app in Microsoft Entra ID in the Microsoft Teams documentation.

      Add client ID

    24. Select the Add application button.
      Copy the Application (client) ID, and Directory (tenant) ID from the application overview page in the Microsoft Azure portal to update the details in the ServiceNow instance.

      Application ID and the tenant ID from the app overview page