Set up ServiceNow and Microsoft Teams chat integration - Testing environmentSummaryOften we have cases that require ServiceNow for Microsoft Teams debug and case replication. Given we do not have a Microsoft Office 365 development environment which we can explore and implement integrations with ServiceNow, we have a dependency on the customer dev environment (if any) to reproduce issues. Thinking of it I came across a workaround on how we can as individual engineers have our own Office 365 development environment and integrate it with ServiceNow. Microsoft provides a Microsoft 365 Developer Program, and although, it comes with 90 days license it's still renewable for free. This article will walk you through how you can create your Office 365 developer environment and how to integrate it with your ServiceNow emp instance - more specifically ServiceNow for Microsoft Teams integration. Components Used ServiceNow ServiceNow for Microsoft Teams plugin Meeting Extensions for Microsoft Teams IT Service Management integration with Microsoft Teams Notify Connector for Microsoft Teams Microsoft Office 365 Microsoft Azure AD Microsoft Teams URL: https://developer.microsoft.com/en-us/microsoft-365/dev-programReleaseIT Service Management integration with Microsoft Teams - 2.5.0 Notify Connector for Microsoft Teams - 2.4.2 Meeting Extensions for Microsoft Teams - 1.3.1InstructionsCreate your developer Microsoft Office 365 account & configure your Microsoft applications Navigate to URL https://developer.microsoft.com/en-us/microsoft-365/dev-program and click Join now Login using your personal Microsoft user account - If you do not have one you can create a new account. (DO NOT use your ServiceNow email account) OR Microsoft will send you a code to verify your email account. Follow the screens until you have your Microsoft developer account created. Once logged into your Microsoft developer account you should see a screen as below. Additional information: https://docs.microsoft.com/en-us/office/developer-program/build-microsoft-365-solutions Click on the "Go to subscription" link and log in as your Microsoft administrator account.Click on the "admin" icon located at the bottom left of your Office 365 home page. It will open the Microsoft Admin Center. – You will use this console to interact with most of your Microsoft lab products. Click "Show all" – For the purpose of this lab you will use Teams and Azure Active Directory Applications located in the "Admin Centers" area. First, you will have to configure your Azure AD SSO. For that click in Azure Active Directory, and follow ServiceNow documentation: https://docs.servicenow.com/bundle/sandiego-it-asset-management/page/product/software-asset-management2/concept/integrate-with-azure-ad.html Example of Azure configuration Once you have configured SSO with your ServiceNow emp instance proceed with the Teams configuration in the "Admin Centers" console - Skip this step as you must install and configure the ServiceNow for Microsoft Teams first. Installing and configuring ServiceNow for Microsoft Teams To initiate your ServiceNow integration with MS Teams you first need to make the decision if you want to proceed with Multi-tenant or single-tenant installation. As per ServiceNow documentation (https://docs.servicenow.com/bundle/rome-employee-service-management/page/product/sn-teams/concept/setup-sn-ms-teams.html) installing with multi-tenant is the easiest way and do not require Azure expertise level. If you want to install the multi-tenant integration follow the steps below as well as the documentation: https://docs.servicenow.com/bundle/rome-employee-service-management/page/product/sn-teams/concept/setup-sn-ms-teams-multi-tenant.html Go to "ServiceNow for Microsoft Teams"Click on "Install Azure Apps" -> Install Log on Azure AD with the Admin domain account you created. All 3 apps are installed in Azure Validate these applications are installed in Azure Create the ServiceNow for Teams Manifest Navigate to ServiceNow for Microsoft Teams againClick on "ServiceNow for Teams" ModuleSelect the most recent "ServiceNow for Teams" Provide a name and version to the application manifest and click "Next" Click "Configure Virtual Agent" or "Review Virtual Agent" – In my example, it shows "Review Virtual Agent" as I had it configured before. Provide a name to the Tab name (this will show in the Teams chat channel) Download your manifest to be uploaded in Teams via Teams Admin Console Log on Microsoft Admin CenterSelect "Teams" Expand "Teams apps"Click in "Manage Apps" -> "Upload new app" Select the manifest file and upload it.Validate the Manifest is installed Click on "Permission policies"Open the global policy "Global (Org-wide default)"Validate that "Custom apps" permission is granted "Allow all apps" NOTE: Please remember to block the app "Now Virtual Agent" in "Manage apps" to avoid notification duplication. If you want to set up the single-tenant integration follow the steps below in Azure as well as the documentation: https://docs.servicenow.com/bundle/rome-employee-service-management/page/product/sn-teams/concept/setup-sn-ms-teams-single-tenant.html Create your MS Azure application to authenticate MS Teams users with ServiceNow. Only follow this step if you want to configure the single tenant configuration Procedure Log in to Microsoft Azure Admin center.Navigate to All Services -> Azure Active Directory Click App registrations.Click New registration. The New registration page displays. On the New registration form, perform the following actions: Name: Enter the name of your application. Example: ServiceNow Auth app.Redirect URI: Enter https://<instance-name>.service-now.com/sn_now_teams_ms_login_redirect.do, where <instance-name> is the name of your ServiceNow instance. Click Register.Next, navigate to the AuthenticationClick "Add a platform" – It will pop up a window.Select "Web" Enter the following URIs of your emp instance https:// <instance>.service-now.com/sn_now_teams_ms_login_redirect.dohttps://<instance>.service-now.com/sn_now_teams_ms_login.dohttps:// <instance>.service-now.com/oauth_redirect.do Configure Scroll down and set to true both boxes "Access tokens (used for implicit flows)" and "ID tokens (used for implicit and hybrid flows)" Click Save Your results should be as below Step 2. Configure API Permissions to your application In your Azure AD_> App registrations, navigate to API Permissions Click "Add a permission" Click Microsoft Graph Click Delegated permissions.Expand "Openid" located under Permission and select: Email offline_access openid profile Chat.Create Chat.Read Chat.ReadBasic Chat.ReadWrite Files.Read.All Presence.Read.all Presence.Write.all TeamMember.Read.All TeamMember.ReadWrite.All TeamMember.ReadWriteNonOwnerRole.All Click add permissionsBack to the previous window, click "Grant admin consent" <client> Step 3. Configure Expose an API to your application Navigate to Expose an API.Click Set next to Application ID URI, and enter the application URI: api://<instance>.service-now.com/{client_id} – Click "overview" at the top of the menu to locate your app client_idClick Save.Click Add a scope. In the "Add a scope" form, fill in the following fields. Field Description Scope name access_as_user Who can consent Admins and users Admin consent display name Teams can access the user's profile. Admin consent description Allows Teams to call the app's web APIs as the current user. User consent display name Teams can access the user profile and make requests on the user's behalf. User consent description Enable Teams to call this app's APIs with the same rights as the user. State Enabled Click on "Add a client application" and add two records with respective IDs 1fec8e78-bce4-4aaf-ab1b-5451cc387264 5e3ce6c0-2b1f-4285-8d4b-75ee78787346 Click "Save" Step 4. Create a Secret for your application This secret key will be used for ServiceNow application Registry. In your Azure AD _> App registrations, navigate to Certificates & secretsClick "New client secret", and specify a description and expirationClick Add NOTE: Upon creation of the credential, field value will be exposed, make sure you copy the secret value to a notepad as it will get encrypted after few minutes. You will need this secret to pass it on during Virtual Agent configuration for single tenant. Configure the your developer Microsoft Office 365 account & configure your Microsoft applications Navigate to URL https://developer.microsoft.com/en-us/microsoft-365/dev-program and click Join now