Step 1
Log into Staircase AI and click the cog symbol in the left-hand bar to open up your Integrations panel. Click on the Microsoft Teams card.
Step 2
Click the "Connect" button. You will be redirected to Microsoft authorization screen. Please note, you should be the Microsoft workspace admin to be able to approve the consent screen. Pick one of given Microsoft accounts or use another account on the Microsoft login page.
Step 3
Review the list of permissions and click the "Accept" button.
Step 4
You will be returned to Staircase AI. Copy the application ID from the card. It will be used in the next steps.
Step 5
In addition to the permissions granted above, the admin should create and configure a new application access policy using the PowerShell scripts.
Refer to the official documentation to install the PowerShell on Windows, Linux, and macOS:
After that, install the required Microsoft Teams module:
Step 6
Create a new application access policy:
Example:
New-CsApplicationAccessPolicy -Identity {IDENTITY} -AppIds "{APP_ID}" -Description "{DESCRIPTION}"
IDENTITY. Unique identifier assigned to the policy when it was created. E.g. Staircase-AI-for-Teams.
APP_ID. A list of application (client) IDs. Use the application ID you copied from the integration card.
DESCRIPTION. Specifies the description of the policy. E.g. App access policy for Staircase AI for Teams.
Step 7
Grant the Application Access Policy: (Group Assignment Recommended)
To grant the necessary permissions, you need to assign the application access policy you created. The recommended and most manageable approach is to assign the policy to a security group or Microsoft 365 Group. This allows you to manage access centrally by adding or removing users from the group, rather than assigning policies individually. We suggest adding users who typically have guaranteed access to meetings (like meeting organizers) to this group.
Assigning Policy to a Group (Recommended Method):
Use the New-CsGroupPolicyAssignment cmdlet in PowerShell. Make sure you have the Object ID of the group you want to target.
PowerShell:
New-CsGroupPolicyAssignment -GroupId {GROUP_ID} -PolicyType ApplicationAccessPolicy -PolicyName {POLICY_NAME}-GroupId {GROUP_ID}: Replace{GROUP_ID}with the Object ID of the Azure AD group (Security Group, Microsoft 365 Group, or Distribution List) that should receive the policy.-PolicyType ApplicationAccessPolicy: Specifies the type of policy being assigned.-PolicyName {POLICY_NAME}: Replace{POLICY_NAME}with the name of the policy you created (e.g.,Staircase-AI-for-Teams).
For more details, refer to the New-CsGroupPolicyAssignment documentation.
Assigning Policy to an Individual User (Use Only When Necessary):
While managing access via groups is strongly recommended for scalability and ease of administration, there might be rare situations where you need to assign the policy directly to a specific user who isn't part of the designated group. If you must assign the policy individually (which is not the preferred method), use the Grant-CsApplicationAccessPolicy cmdlet:
PowerShell:
Grant-CsApplicationAccessPolicy -PolicyName {POLICY_NAME} -Identity "{USER_OBJECT_ID}"-PolicyName {POLICY_NAME}: Replace{POLICY_NAME}with the name of the policy (e.g.,Staircase-AI-for-Teams).-Identity "{USER_OBJECT_ID}": Replace{USER_OBJECT_ID}with the Object ID of the specific user account requiring access (e.g.,de80cb39-fb45-448a-8715-b237a595733f).
See the Grant-CsApplicationAccessPolicy documentation for further information on individual assignment.
To check that a given user is correctly assigned to the ApplicationAccessPolicy, run the following command:
Get-CsUserPolicyAssignment -Identity "<[email protected]>" -PolicyType ApplicationAccessPolicy
To check that the assignment to the group was successful, run the following command:
Get-CsGroupPolicyAssignment -GroupId "<YOUR_GROUP_ID>" -PolicyType ApplicationAccessPolicy