Microsoft Teams School setup guide


Note: the following is assumed to be true. If this is not the case, please look into this or contact support for further help:

  • The school has an instance of Microsoft Teams that exists within their organisation.

  • The active directory exists within the Azure Portal.

  • The emails that students use to Log in to Firefly are identical to those that exist in the Active Directory.

  • The school with which you wish to sync assignments is contained within an administrative unit (this is only needed if there are multiple schools on your Azure AD tenant)

Azure Portal Configuration

In order to allow Firefly to access Assignment and Class data from Teams the School will need to create an application registration within their Active Directory. This can be thought of as an entry point into the Active Directory that Firefly can use to query information governed by a set of predefined permissions.

Step 1

Navigate to https://portal.azure.com/ and log in.
Search for Active Directory in the search bar on top and click the highlighted item below.

Step 2

In the left-hand sidebar click on App Registrations. It should open the window to the right of the sidebar with all existing registrations, (depending on your organisation there may or may not be any). 

Click on New Registration to begin.

Step 3

Register an application.

  • The name can be anything sensible, (such as FireflyMicrosoftTeams for example).

  • For Supported Account Types it is important to select the first option as you only want accounts within your organisation to be able to be used within the application. 

  • The Redirect URL is irrelevant as we are not performing any SSO via the application. 

  • Once you are certain of your selections go ahead and press register at the bottom of the page.

Step 4

Once registration is completed it should navigate you to your app registrations configuration page. It should look like this.



Take note of the following settings, they will be required by Firefly at a later stage in the process.


Step 5

Next we need to create a client secret for the application. This is a secret password that the application uses to identify itself.

Name it whatever you like and set a secure password. Take note of this as it will need to be shared with Firefly.

We suggest using a random password generator with 16 characters, without symbols.

Step 6

We need to set the permissions to control what the app has access to within your organisation.

  • Click on API Permissions.

  • To add a permission click on the plus marked Add Permissions button.

  • Select Microsoft Graph.

The following permissions are required. They are ordered according to whether they are needed in Delegated or Application permissions:

Delegated permissions

Application permissions

User.Read

EduAssignments.Read.All

EduRoster.Read.All

Member.Read.Hidden

Once all permissions have been added. Make sure to click the highlighted Grant Admin Consent button.

You will also need to Allow public client flows. 

To do this navigate to: Authentication > Advanced settings and select Yes

Step 7

The configuration process is now done. Make sure you have collected the following information :

  • App Registration Client ID

  • App Registration Client Secret

  • App Registration Tenant ID

Once you are ready, hand forward onto Firefly.