Configuring Microsoft Teams Meetings
Before enabling this functionality for all users, Microsoft Global Administrators must grant tenant wide consent to the Veeva App in the Azure tenant from the Veeva-hosted webpage.
This allows the app to do the following:
- Create, read, update and delete events in all calendars the user has permission to access. This includes delegate and shared calendars.
- Read users’ primary email addresses
- See and update the data you gave it access to, even when users are not currently using the app
- Read and create online meetings on behalf of the signed-in user. Required for Configuring Microsoft Teams Meetings.
- Read online meeting artifacts on behalf of the signed-in user. Required for Configuring Microsoft Teams Meetings.
- See basic user profile information when the user signs in with their work or another account
- Read the full set of profile properties, reports, and managers of other users in the organization, on behalf of the signed-in user
Ensure the Vault CRM Graph API integration is granted the following permissions:
Multiple Vault CRM Vaults can connect to the same Microsoft tenant.
Granting tenant wide consent enables Vault CRM to request information through the Microsoft Graph API, but it does not provide access to Microsoft Office 365 information. The Vault CRM Microsoft Integration uses Microsoft's best practices for authorization (authZ), authentication (OpenId Connect over OAuth 2), data in transit (HTTPS and TLS 1.2+ encryption) and data at rest. Only Microsoft has access to user credentials.
For more control over the integration from the Microsoft side, admins can assign the application to specific users or groups of users, instead of granting access to all users. For more information on assigning applications to Microsoft groups, see Microsoft's Manage users and groups assignment documentation.
Configuring the Microsoft Teams Integration in Vault CRM
Business Admins
To configure MS Teams for business admins:
- Navigate to Admin > Users & Groups > Permission Sets.
- Select the permission set for the appropriate user profile.
- Select the Objects tab.
- Grant the following permissions:
Object
Object Permission
Object Types
Fields
Field Permission
engage_link_settings__v
CRE
n/a
- company_logo__v
- engage_link_apps__v
Edit
remote_meeting_attendee__v
R
call__v
All fields
Read
remote_meeting__v
R
ms_teams_call_meeting__v
- meeting_id__v
- meeting_name__v
- meeting_password__v
- mobile_id__v
- ms_teams_meeting_external_id__v
- ms_teams_meeting_link__v
- scheduled__v
- scheduled_datetime__v
- vexternal_id__v
Read
sent_message__v
R
remote_meeting_invite_link__v
- call_vod
- capture_datetime__v
- engage_link__v
- mobile_id__v
- sent_from_platform__v
- sent_via__v
- transaction_type__v
- user__v
Read
user__sys
RE
n/a
- enable_ms_teams__v
- ms_graph_api_authorized__v
Edit
user_detail__v
R
n/a
remote_meeting_name__v (optional; edit this field to change the default Meeting Topic text for remote meetings)
Read
End Users
Admins can use the Engage End User permission set to easily configure MS Teams for end users.
To configure MS Teams for meeting hosts (end users):
- Ensure Configuring Call Reporting is complete and Engage licenses are provisioned for the appropriate Vaults.
- Navigate to Admin > Users & Groups > Permission Sets.
- Select the permission set for the appropriate user profile.
- Select the Objects tab.
- Grant the following permissions:
Object
Object Permission
Object Types
Fields
Field Permission
call2__v
CRE
n/a
- modified_date__v
- ownerid__v
Read - call_datetime__v
- duration__v
- ms_teams_remote_meeting__v
- remote_meeting_type__v
Edit
engage_link_settings__v R
n/a - modified_date__v
- setupownerid__v
Read remote_meeting__v
CRE
ms_teams_call_meeting__v
- modified_date__v
- ownerid__v
Read - meeting_id__v
- meeting_password__v
- meeting_name__v
- meeting_outcome_status__v
- mobile_id__v
- ms_teams_meeting_external_id__v
- ms_teams_meeting_link__v
- scheduled__v
- scheduled_datetime__v
- vexternal_id__v
Edit
sent_message__v
CRE
remote_meeting_invite_link__v
- modified_date__v
- ownerid__v
Read - call__v
- capture_datetime__v
- engage_link__v
- mobile_id__v
- sent_from_platform__v
- sent_via__v
- transaction_type__v
- user__v
Edit
user__sys
n/a n/a
enable_ms_teams__v Read
ms_graph_api_authorized__v Edit
user_detail__v
CRE n/a
- modified_date__v
- ownerid__v
- remote_meeting_name__v (optional; edit this field to change the default Meeting Topic text for remote meetings)
Edit
message__v R n/a - modified_date__v
- ownerid__v
- user_language_code__v
Read - Select the Enable Engage section attribute for the General Call section on the call2__v object layouts to display the Microsoft Teams meeting user interface.
- Add the meeting_name__v field to the ms_teams_call_meeting__v layout on the remote_meeting__v object and set the meeting_name__v field to read-only (optional; this prevents users from editing the Meeting Name in the meeting information modal on the call report).
- Enable the ms_teams_join_url__v picklist value for the transaction_type__v field for the remote_meeting_invite_link__v object type on the sent_message__v object.
- Populate the engage_link_apps__v field on the Engage Link Global Settings record appropriately, so users can share the Microsoft Teams Join URL with HCPs. By default, the field references the ENGAGE_LINK_APPS;;EngageLink Veeva Message. Edit the list in the Veeva Message to control the number and order of sharing options available for users to send website links with accounts. Available values are:
- Messages
- LINE
- LINEWORKS
- CopyURL (includes QR code)
Populate the list using the format App1;;App2.
- Select the check box for the enable_ms_teams__v field on the user__sys record for each user who should have access to this functionality.
- Ensure the following VMOCs are enabled for the appropriate platforms:
- call2__v
- engage_link_settings__v
- message__v, with the following where clause:
- WHERE category__v CONTAINS ('RemoteMeeting', 'iPad', 'CONTENT', 'CLM', 'Common', 'EngageLink') AND language__v CONTAINS (@@USER_LANGUAGE_CODE@@,'en_US')
- remote_meeting__v
- sent_message__v
- user_detail__v (optional; to change the default Meeting Topic text for remote meetings)
Configuring User Attendees
To configure MS teams for user attendees:
- Navigate to Admin > Users & Groups > Permission Sets.
- Select the permission set for the appropriate user profile.
- Select the Objects tab.
- Grant at least the following permissions:
Object
Object Permission
Object Types
Fields
Field Permission
call2__v
n/a
n/a
- call_datetime__v
- ms_teams_remote_meeting__v
- remote_meeting_type__v
Read
remote_meeting__v
R
ms_teams_call_meeting__v
ms_teams_meeting_link__v
Read
- Navigate to Admin > Configuration > Objects > Call > Layouts.
- Select the Enable Engage section attribute for the General Call section on the call2__v object layouts to display the Microsoft Teams meeting user interface.
- Navigate to Business Admin > Objects > VMobile Object Configurations.
- Ensure the following VMOCs are enabled for the appropriate platforms:
- call2__v
- remote_meeting__v
- user_detail__v (optional; to change the default Meeting Topic text for remote meetings)
Ensure user attendees have visibility to call reports where they are added, and that they are able to sync calls.
Testing the Microsoft Teams Integration
Business Admin Users
For Sandbox testing, connect the Sandbox Vault with a test Microsoft Teams account. Within a Vault, each Microsoft Teams account can only be connected to one user, and vice versa. The same Microsoft Teams account cannot be used for multiple users.
Using multiple Microsoft accounts for the same user is not supported. This means once a user is authenticated with one Microsoft account, the same user cannot be re-authenticated with a different Microsoft account. To re-authenticate the user with a different Microsoft account, admins must contact Veeva.
If authentication errors occur, check your organization’s IT logs and policies, and contact Veeva.
