Integrating Microsoft Teams into the WebMail Calendar

Axigen Documentation

This integration is available starting with Axigen X6 (10.6.0).

Axigen's integration with Microsoft Teams enables users to add Teams* meeting invitations linked to their personal Teams account when scheduling a calendar event in WebMail. This integration ensures that any modifications made to the event within WebMail are automatically synchronized with the Teams application, reflecting updates in real-time. This synchronization helps maintain consistency and ensures that all participants have the latest information.

Concepts

Teams (Microsoft) issues an access token, which is then sent to Axigen. This access token is the key that allows Axigen to make meeting requests to Teams on behalf of the Axigen account. In other words, Axigen doesn't have any knowledge of your Teams account; it only has the token that permits it to manage your meetings on your behalf.

These tokens are available for 1 hour, when they expire, Axigen will request a refresh token to ask for a new token.

Essentially, the Teams application acts as a frontend. Through OAuth, it allows Axigen, as a delegate, to perform a small set of operations on behalf of a user, based on the consent the user has given.

Upon correctly publishing their application, the admin receives a client ID and a client secret for access. The admin then configures the OAuth connector that Axigen uses to access the application. You should fill in the public information (authorization and token endpoints) with the relevant details for the service you are using.

The synchronization direction is Axigen → Teams, where Teams is reading the Axigen user's Calendar events.

*) Or Skype, depending on your account type. The account used in this example is quite a basic one, and therefore some limits might appear.

Installation and Configuration

There are 3 main phases to configure this integration:

  1. Teams Preparation: Registering an Application in AzureAD

  2. Axigen Preparation: Creating and Configuring the Teams Connector in Axigen

  3. End-user Settings

Steps #1 and #2 can be performed in any sequence.

1. Teams Preparation: Registering an Application in AzureAD

1.1. Log into https://entra.microsoft.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade with your Microsoft developer account

1.2. Add a “Personal Microsoft accounts only” application and fill in the OAuth Redirect URL to the /api/v1/oauth/access endpoint of your Axigen server deployment.

image-20241003-091402.pngimage-20240929-120134.png
 The following page might show up.

This might be related to your Microsoft development account which does not have enough permissions (maybe because its free).

image-20241003-091700.png

1.3. Select App registrations in the left menu

image-20241003-092108.png

1.4. Now, add a client secret.

image-20241003-092200.pngimage-20241003-092257.pngimage-20240929-120329.pngimage-20241003-092339.png

The client secret is only visible when creating the key, then it will become hidden. So save the password in a safe place.

image-20240929-113503.png

In order for Teams to access the account some permissions are needed. The User.Read is there by default, but additional permissions are required.

image-20240929-120619.png

1.5. Click the Add permissions button

image-20241003-092658.png

The permissions are:

  • Calendars.Read

  • Calendars.ReadBasic

  • Calendar.ReadWrite

  • offline_access

  • User.Read (the default one)

You may simply search for the permissions, and then check the ones you need.

image-20241003-092854.pngimage-20241003-092914.png

1.7. Click Add permissions

image-20241003-092954.png

2. Axigen Preparation: Creating the Teams Connector

The connector is defined at server level and at this moment, a single connector can be used per server, even though multiple connectors may be defined from the CLI interface.

Setting up the connector may be done from the CLI interface and from the WebMail interface.

Via CLI

The configuration template for the Teams connector is already defined.

The parameters for authzUri, tokenUri and clientScopes are always the same:

  • set authzuri https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize

  • set tokenUri https://login.microsoftonline.com/consumers/oauth2/v2.0/token

  • set clientScopes "User.Read Calendars.ReadBasic Calendars.Read Calendars.ReadWrite offline_access"

The clientId and the clientSecret are unique values and created at the previous step:

  • set clientId <teamsClientID>

    image-20241003-093216.png

  • set clientSecret <YourActualClientSecretReceivedFromMicrosoft>

    image-20241003-093357.png

    As explained above, the password is visible at creation only.

    image-20241003-092339.png

Via WebAdmin

Since the Teams connector is already defined, the only parameters left, are the clientId and the clientSecret.

Navigate to the WebAdmin interface → Services - > WebMail → Extensions tab

image-20240929-063145.png

At this point, the Teams connector is not enabled. Edit the connector, type in the clientId and the clientSecret and save the connector.

image-20241003-093533.png

Enable the connector and save the configuration.

image-20240929-122902.png

Allowing the Teams Connector to Be Used

The Teams connector is defined at server level, however, this functionality must be also enabled. Depending of the preferences this can be enabled at domain level, account level or account class.

In this example, I will enable it at domain level.

Navigate to the WebAdmin interface → Domains & Accounts → Manage domains → select the domain → Account defaults → Quotas and Restrictions → scroll down to External Apps section.

image-20240929-123010.png

Now the users in domain “test.tld” are able to use the connector.

3. End-user Settings

3.1. Log into the WebMail interface

3.2. Navigate to Settings

image-20241003-110730.png

3.3. Go to the Extensions tab

image-20241002-140925.png

3.4. Turn on Microsoft Teams — a Microsoft login page will open

image-20241002-141131.png

In case the Microsoft login page does not appear, it means you are already logged in.

3.5. Login using your Microsoft Account

3.6. A new window will pop-up, where the Microsoft application is asking for permissions to be granted to access the user’s calendar. This pop-up will only appear once.

image-20241003-093645.pngimage-20241002-141752.png

Use Case Examples

Event Creation

  1. Create a calendar event from the WebMail interface

  2. Create the Teams invite by clicking Add Teams

    image-20241002-142302.png

  3. The invite has been created

    image-20241002-143557.png

  4. The event was also created in Teams, after saving the event in Webmail

    image-20241002-143637.png

Event Update

In this example, the end-user has updated the event by changing the subject and has added another recipient.

image-20241002-143952.pngimage-20241002-143900.png

Event Deletion

Now, cancel the event from the WebMail interface.

image-20241002-144041.png

The event has been also removed from Teams.

image-20241002-144052.png

Axigen is a premium, scalable, all-in-one Windows & Linux mail server software. A free mail server version is available for personal and lab use, along with the business mail server and the MSP mail server, for Managed Service Providers, which also include features like personal organizer, groupware, AntiVirus, AntiSpam, or advanced security policies. The carrier-class ISP mail server solution completes the Axigen offering and comes with clustering support, delegated administration, extensive APIs, as well as a cloud-native, Kubernetes based deployment option.

Axigen uses cookies. By using our services, you’re agreeing to our Cookie Policy. GOT IT