If you have the appropriate permissions in Azure Active Directory, you can fulfill the following change requests:
ADD PERMISSION TO USER
REMOVE ACCOUNT PERMISSION
REMOVE PERMISSION ASSIGNMENT
You can add or remove a member only from a private channel. However, before adding a member to a channel, ensure that the member is already a part of the team. When you add a user to a team, the Microsoft Teams fulfiller adds the user automatically to all standard channels under the team, as a member.
NOTE:To avoid unexpected behavior from the application, we recommend that you do not add a team and a channel member in the same request.
To fulfill these change requests, you need the following API permissions.
|
Resource |
Type |
Permission |
Description |
|---|---|---|---|
|
Teams |
Delegated and Application |
TeamMember.ReadWrite.All |
Read and write data for all team members in the organization. |
|
Channel |
Delegated and Application |
ChannelMember.ReadWrite.All |
Read and write data related to channel members across the organization. |
You can assign the user the role of an owner. To do so, you need to customize the request form and add ‘owner’ as Data Source Values and ‘roles’ as Label, then publish the form. This will allow you to select the role as ‘owner’ when you request permission for the user. For information about customizing forms using Form Builder, see Creating a Request or Approval Form in the Administrator’s Guide to Form Builder. Additionally, while configuring Fulfillment item configuration and mapping in the template, you must add "flowdata" for the attribute Permission Profile. For example, add ["flowdata", "permissionProfile"].
NOTE:To assign a user as an owner you need to create custom forms for each team and channel separately.
For the fulfillment to process successfully, you must add the following attributes to the fulfillment context attribute:
|
Fulfillment Context Attributes |
Attributes |
|---|---|
|
Recipient |
|
|
Account |
|
|
Permission |
|