Skip to main content

Whether you’re looking for quick answers or in-depth guidance, our resources are here to assist you effectively.

Microsoft Teams Call Connector Guide

Conversations are the heartbeat of your business, often containing the most valuable, undocumented insights. The SiftHub Microsoft Teams Connector securely captures this spoken knowledge, transforming transient discussions into a permanent, searchable asset. By ingesting meeting transcripts, SiftHub enables you to "recall" exactly what was promised to a customer, track action items, and surface relevant context from past calls instantly—turning every conversation into a searchable knowledge base.

 

What Gets Connected

SiftHub focuses on capturing the rich context of your discussions while ignoring technical noise. The connector indexes:

  • Meeting Transcripts: Verbatim speech-to-text logs from your recorded or transcribed Teams meetings.
  • Meeting Metadata: Participant lists, timestamps, meeting titles, and duration to provide the "Who, When, and What" context.

 

Access Control

SiftHub prioritizes the privacy of your sensitive internal communications.

  • Open Access: All SiftHub users in your organization can view and access meeting transcripts from all connected Microsoft Teams users.
  • Participant Access: Users can only access meeting transcripts for meetings they participated in (as a Host or Participant), maintaining privacy and limiting access to relevant conversations.

 

Using Teams Content in SiftHub

Your connected Teams content powers the following features:

  • Conversational Search: Ask "What did we discuss with Acme Corp about pricing last month?" and get an answer based on the actual transcript.
  • Automated Summaries: SiftHub generates post-call recaps, extracting key decisions and action items automatically.
  • Contextual Intelligence: When preparing for a new meeting, SiftHub proactively surfaces insights from previous calls with the same participants.

 

Content Updates

  • Sync Frequency: Transcripts are processed and indexed every 30 minutes.
  • Deletions: If a transcript is deleted from Teams, it is removed from SiftHub during the next sync cycle.

 

Microsoft Teams Connector Setup

Time to complete: 10 mins

Connection Requirements: Ensure you have the following access and permissions before you begin the setup, or contact the respective administrator for the same.

  • Microsoft Azure Administrator access: To register an application and grant Graph API permissions.
  • SiftHub Admin or Account Owner role: To activate the Connector from the SiftHub Web App.

The process for setting up the Microsoft Azure App includes the following steps:

  • Step 1: Create Microsoft Azure App and Credentials
  • Step 2: Enable required API Permissions for the app
  • Step 3: Activate Microsoft Teams Connector

 

Step 1: Create Microsoft Azure App and Credentials

A Microsoft Azure App is required to setup and manage Microsoft Graph APIs. This app enables the required identity and access management services.

1.1. Create a Microsoft Azure App

  1. To create an App in Microsoft Azure, go to the following link - https://portal.azure.com
  2. If you are not logged in, you will be required to login using your work Microsoft 365 account. Ensure that a Microsoft Azure Administrator logs in.
  3. Search for ‘App Registrations’ in the search bar.



 

  1. Select New registration.



 

  1. On the Register an application page, register an app with, Name (eg. SiftHub Microsoft Teams  Integration), Supported account type( Accounts in this organizational directory only (Single tenant), Redirect URI(Leave it blank).
  2. Click on Register.




 

On creation of the App, you will be redirected to the App homepage.



 

1.2. Create Client Secret

  1. Click on Certificates & secrets in the left-hand menu.
  2. Click on New client secret.

  1. Enter a description (e.g., "SiftHub-Microsoft-Teams-integration-Secret"). Select Custom in the Expires dropdown and select today’s date for Start and 2 years from today’s date for End. Then, Click Add.



 

  1. Important: Under Client secrets, copy the Value (not the Secret ID) immediately. This value is hidden after you leave the page. You need to securely share this with your SiftHub Customer Success Manager. 

 

Step 2: Enable required API Permissions for the App

SiftHub Platform needs API access to read call transcript and metadata, fetch user profiles, and access attachments for context.

 

2.1. Enable Microsoft Graph API access

To enable Microsoft Graph API access, follow the steps below:

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission.



 

  1. Select Microsoft Graph.



 

  1. Choose Application permissions.

  1. Search for and select the following permissions:
  • Calendars -> Calendars.Read: Required to read all events in user calendars.




 

  • User -> User.Read.All: Required to read profiles of users to map attendees correctly.



 

  • OnlineMeetings -> OnlineMeetings.Read.All: Required to read details of all online meetings, including participants and join information.

  • OnlineMeetingRecording -> OnlineMeetingRecording.Read.All: Required to access the recording files associated with online meetings.

  • Group -> Group.Read.All: Required to fetch members of groups if calendars belong to group mailboxes.

  • CallTranscripts -> CallTranscripts.Read.All: Required to read transcripts generated during calls and meetings.

  • OnlineMeetingTranscript -> OnlineMeetingTranscript.Read.All: Required to fetch transcripts specifically associated with online meetings.

  • CallRecordings -> CallRecordings.Read.All: Required to access audio and video recordings of calls and meetings.

  1. Click on Add permissions.
  2. You will be redirected to the API permissions screen.
  3. Grant Admin Consent: Click the Grant admin consent for [Tenant Name] button next to the "Add a permission" button.

  1. Select Yes to confirm. Your permission granted screen will look like this.

 

 Scope Access via PowerShell

To enforce this call transcript access, the Global Admin must connect to Exchange Online PowerShell and run a command that explicitly links your Application ID to the resource scope (the security group you just created).

Prerequisite: You must have the Exchange Online PowerShell module installed.

  1. Open PowerShell on your machine (Run as Administrator).
  2. Run the following command to connect to MicrosoftTeams Online and log in with your Admin credentials:
Import-Module MicrosoftTeams

Connect-MicrosoftTeams
  1. Create the Access Policy: Run the command below to assign the ApplicationImpersonation role to the SiftHub App to fetch the user’s calls transcript. Replace <Application-Client-ID> with the Client ID you copied in Step 1.
New-CsApplicationAccessPolicy -Identity 
"GlobalTranscriptAccess" -AppIds "<Application-Client-ID>" -Description "Policy to access the transcripts for App"

Result: SiftHub now has permission to access call transcripts data
 

Note: The step mentioned above is the recommended approach. It enables full tenant-wide call ingestion, which is standard for most organizations wanting comprehensive coverage. If you prefer not to grant access to the entire tenant, you can restrict ingestion to a specific subset of users using a Mail-Enabled Security Group. Regardless of the approach you choose, SiftHub will securely index the metadata and attachments. However, with this Restricted Access approach, you get more granular control by explicitly defining exactly which users' call  SiftHub is permitted to read, ensuring only the members of your designated security group are indexed.

A trade-off with this restricted approach is the additional administrative overhead required for SiftHub to access user calls. Unlike the tenant-wide setup, the Microsoft Azure Admin must manually maintain the Mail-Enabled Security Group. Whenever a new user needs to be onboarded, the Admin must add them to this group; otherwise, SiftHub will be unable to access their calls or generate call briefs. Additionally, this method requires executing complex PowerShell commands rather than a simple UI configuration, increasing the complexity of the initial setup.
Step 2 for the alternate approach is mentioned here.

 

Step 3: Activate Microsoft Teams Connector

The following details need to be shared with your SiftHub Customer Success Manager once the Azure App with required permissions is set up:

  1. Application (client) ID: The value you copied after creating your Azure APP.
  2. Directory (tenant) ID: The value you copied after creating your Azure APP.
  3. Client Secret: The "Value" you copied in Step 1.2.4.

Time to activation: Once shared, the Microsoft Teams Connector will be active within 24 hours.

 

Alternative Step 2: Mail-Enabled Security Group Setup (Optional)

Use this step only if you need to restrict SiftHub's access to a specific subset of users rather than the whole tenant.

2.1  Create a Mail-Enabled Security Group

To limit SiftHub's access to specific users, you must first create a group that acts as an "allow list."

  1. Log in to the Microsoft 365 Admin Center (admin.microsoft.com).
  2. In the left-hand navigation, go to Teams & groups > Active teams and groups.


 

  1. Click on the Security groups tab.

  1. Click Add a Mail-enabled security group. Set up the basics:
    • Name: Enter a clear name, e.g., SiftHub-Mail-Enabled-Security-Group.
    • Description: Enter a description, e.g., "Users authorized for SiftHub Microsoft Teams ingestion."
    • Click Next.

 

 

  1. Assign Owners.


 

  1. Click Add Members  and select the users you want to authorize.

 
 

  1. Configure Settings. Add Group email address and domain.


 

  1. Review your setting configurations and click Create group.


 

  1. After creating this group, you will be navigated to this page. 


 

2.3 Scope Access via PowerShell

To enforce this restriction, the Global Admin must connect to Exchange Online PowerShell and run a command that explicitly links your Application ID to the resource scope (the security group you just created).

Prerequisite: You must have the Exchange Online PowerShell module installed.

  1. Open PowerShell on your machine (Run as Administrator).
  2. Run the following command to connect to Exchange Online and log in with your Admin credentials:
Connect-ExchangeOnline
  1. Create a Resource Scope: Run the command below to define the scope based on the group you created in Step 2.1. Replace <Security-Group-Name> with the exact name of your group 
New-ManagementScope -Name "SiftHubMircorsoftTeamsScope" -RecipientRestrictionFilter "MemberOfGroup -eq '$(Get-Group <Security-Group-Name> | Select-Object -ExpandProperty DistinguishedName)'"
  1. Create the Role Assignment: Run the command below to assign the ApplicationImpersonation role to the SiftHub App, restricted only to the users in the scope. Replace <Application-Client-ID> with the Client ID you copied in Step 1.
    PowerShell
New-ManagementRoleAssignment -AppId "<Application-Client-ID>" -Role "ApplicationImpersonation" -CustomResourceScope "SiftHubMircorsoftTeamsScope"

Result: SiftHub now has permission to access user’s call data, but only for the members of this Security group.

Source Documentation:

Need Help? If you are experiencing issues with the connector or its setup, contact your SiftHub Customer Success Manager or reach out to support@sifthub.io.