Microsoft Teams (combined)
Introduction
Integrate Microsoft Teams (Teams) with OX to receive real-time security alerts, incident updates, and workflow notifications directly in MS Teams channels.
This integration streamlines incident management, reduces response time, enhances team collaboration, and enables you to:
Connection methods
For general information about connection methods, see Connection methods.
To connect Teams to OX, use one of the following two connection methods:
Identity provider: OX sends notifications using your individual Microsoft user identity. You connect by authenticating to Microsoft directly from OX.
Bot identity provider: Sends Teams notifications from a unified "OX Security" app identity instead of individual user accounts. This method centralizes deployment via Teams policies and provides direct links from notifications to OX issues and workflows.
Permission scopes
OX requests the Microsoft Graph and OpenID Connect permissions for the Microsoft Teams integration. OX declared these permissions when it registered its application in Azure. Microsoft grants the permissions when you connect and complete the Microsoft consent flow.
Channel.ReadBasic.All
Reads basic channel properties (name, description, type).
Allows OX to select a channel when sending notifications. OX lists channels inside the selected team to populate the UI so messages are sent to the correct channel.
ChannelMessage.Send
Sends messages to team channels (both standard and private). Required to permit OX to send security alerts and notifications to your selected Teams channels.
Chat.Create
Creates new 1:1 or group chats for private notifications when no existing conversation exists.
Chat.ReadWrite
Reads and sends messages in chats where the app participates, including 1:1 and group notifications.
offline_access
Maintains persistent connection to Teams without requiring users to repeatedly sign in. Enables OX to automatically renew expired access tokens so notifications and integrations continue working uninterrupted.
openid
Enables Microsoft sign-in and single sign-on (SSO) so users can authenticate and connect their Teams environment to OX using their work account credentials.
Team.ReadBasic.All
Reads team and channel names and IDs for channel notification configuration. Requires admin consent.
User.Read
Reads signed-in user profile (name, email, ID) to identify connected user and list joined teams
User.Read.All
Reads basic profile information for all organization users to enable notification recipient selection and 1:1 chat resolution. Requires admin consent.
Prerequisites
Identity provider
Permission to configure connectors
Microsoft Teams account
(Optional) Administrative access to Microsoft Azure Admin Center
Permissions to manage enterprise applications in Azure
Bot identity provider
Permission to configure connectors
Microsoft Teams account
Microsoft Teams admin with permission to manage apps and policies in the Teams Admin Center
Connect with Identity Provider
Verify that the prerequisites are in place.
In the OX app, go to Connectors > Dev Alerts > Microsoft Teams and select IDENTITY PROVIDER.
Select CONNECT. The Microsoft Teams connector is configured.
When prompted, you will be asked to approve access to organization resources. For the list of permissions, see the section Permission Scopes.
Select Accept.
Connect with the Bot Identity Provider
Step 1: Connect to OX [OX]
Verify that the prerequisites are in place.
In OX, go to Settings > Connectors > Dev Alerts > Microsoft Teams and select BOT IDENTITY PROVIDER.
In Configure your Microsoft Teams credentials, select CONNECT.
When prompted, you will be asked to approve access to organization resources. For the list of permissions, see the section Permission scopes.
Complete the Microsoft consent flow, then return to OX and confirm that the connector shows Connected.
Step 2: Publish the OX Security app to your Teams tenant [Microsoft]
Verify that the prerequisites are in place.
Go to the Teams Admin Center.
Go to Teams apps > Manage apps. Search for OX Security and open the app from the Azure Marketplace.
If your policies require it, set the app to Allowed for your organization.
Go to Teams apps > Setup policies.
Create a new app setup policy or edit an existing one. For example, edit the default policy Global (Org-wide default).
In Add installed apps, select the OX Security Alerts app.
Select Add. This installs the app for all users covered by the policy.
Verify OX permissions in Microsoft Entra Admin Center
After connecting, you can view and verify the permissions granted to OX.
Go to the Microsoft Entra Admin Center, log in, and select Applications > Enterprise Applications.
From the right pane, select OXSecurity. The Permissions page displays the current permissions which you can modify, if needed.
Send a Teams message about an issue
In the OX app, go to Active Issues and select the issue.
You can also select the Teams icon from the bottom of the screen.
Right-click the 3 dots and select Send message to Teams.
In Send message to Teams, add recipients and a comment, then select SEND.
Add a Teams messages to a workflow
You can configure workflows to automatically send Teams notifications when specific conditions are met.
In the OX, go to Workflows and select the relevant workflow.
Find the workflow step where you want to add the Teams notification and select +
Select Action > Teams.
In Active Settings, complete the details in the table.
Recipients
Required
Fallback recipients
Required
Add your own comment
Optional, but good practice.
Apply to
Select one of the triggers: Updated Issues, New or Updated Issues, New, Updated or Existing Issues, or Periodic
Select ADD. The new Teams action appears in the workflow and triggers on the selected action.
Last updated