Skip to main content

Microsoft Teams

Sync overview

This source can sync data for the Microsoft Graph API to work with Microsoft Teams.

There are currently 2 versions of Microsoft Graph REST APIs - v1.0 and beta. Beta version contains new or enhanced APIs that are still in preview status. But APIs in preview status are subject to change, and may break existing scenarios without notice. It isn't recommended taking a production dependency on APIs in the beta endpoint. This Source Connector is based on a API v1.0.

Output schema

This Source is capable of syncing the following core Streams:

If there are more endpoints you'd like Airbyte to support, please create an issue.

Some APIs aren't supported in v1.0, e.g. channel messages and channel messages replies.

Data type mapping

Integration TypeAirbyte Type


Full Refresh SyncYes
Incremental SyncNo
Replicate Incremental DeletesNo
SSL connectionYes

Performance considerations

The connector is restricted by normal Microsoft Graph requests limitation.

Getting started


  • Application (client) ID
  • Directory (tenant) ID
  • Client secrets

Setup guide

The Microsoft Graph API uses OAuth for authentication. Microsoft Graph exposes granular permissions that control the access that apps have to resources, like users, groups, and mail. When a user signs in to your app they, or, in some cases, an administrator, are given a chance to consent to these permissions. If the user consents, your app is given access to the resources and APIs that it has requested. For apps that don't take a signed-in user, permissions can be pre-consented to by an administrator when the app is installed.

Microsoft Graph has two types of permissions:

  • Delegated permissions are used by apps that have a signed-in user present. For these apps, either the user or an administrator consents to the permissions that the app requests, and the app can act as the signed-in user when making calls to Microsoft Graph. Some delegated permissions can be consented by non-administrative users, but some higher-privileged permissions require administrator consent.
  • Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.

This source requires Application permissions. Follow these instructions for creating an app in the Azure portal. This process will produce the client_id, client_secret, and tenant_id needed for the tap configuration file.

  1. Login to Azure Portal
  2. Click upper-left menu icon and select Azure Active Directory
  3. Select App Registrations
  4. Click New registration
  5. Register an application
    1. Name:
    2. Supported account types: Accounts in this organizational directory only
    3. Register (button)
  6. Record the client_id, tenant_id, and which will be used by the tap for authentication and API integration.
  7. Select Certificates & secrets
  8. Provide Description and Expires
    1. Description: tap-microsoft-teams client secret
    2. Expires: 1-year
    3. Add
  9. Copy the client secret value, this will be the client_secret
  10. Select API permissions
    1. Click Add a permission
  11. Select Microsoft Graph
  12. Select Application permissions
  13. Select the following permissions:
    1. Users
      • User.Read.All
      • User.ReadWrite.All
      • Directory.Read.All
      • Directory.ReadWrite.All
    2. Groups
      • GroupMember.Read.All
      • Group.Read.All
      • Directory.Read.All
      • Group.ReadWrite.All
      • Directory.ReadWrite.All
    3. Group members
      • GroupMember.Read.All
      • Group.Read.All
      • Directory.Read.All
    4. Group owners
      • Group.Read.All
      • User.Read.All
      • Group.Read.All
      • User.ReadWrite.All
      • Group.Read.All
      • User.Read.All
      • Application.Read.All
    5. Channels
      • ChannelSettings.Read.Group
      • ChannelSettings.ReadWrite.Group
      • Channel.ReadBasic.All
      • ChannelSettings.Read.All
      • ChannelSettings.ReadWrite.All
      • Group.Read.All
      • Group.ReadWrite.All
      • Directory.Read.All
      • Directory.ReadWrite.All
    6. Channel members
      • ChannelMember.Read.All
      • ChannelMember.ReadWrite.All
    7. Channel tabs
      • TeamsTab.Read.Group
      • TeamsTab.ReadWrite.Group
      • TeamsTab.Read.All
      • TeamsTab.ReadWriteForTeam.All
      • TeamsTab.ReadWrite.All
      • Group.Read.All
      • Group.ReadWrite.All
      • Directory.Read.All
      • Directory.ReadWrite.All
    8. Conversations
      • Group.Read.All
      • Group.ReadWrite.All
    9. Conversation threads
      • Group.Read.All
      • Group.ReadWrite.All
    10. Conversation posts
      • Group.Read.All
      • Group.ReadWrite.All
    11. Team drives
      • Files.Read.All
      • Files.ReadWrite.All
      • Sites.Read.All
      • Sites.ReadWrite.All
    12. Team device usage report
      • Reports.Read.All
  14. Click Add permissions

Token acquiring implemented by instantiate the confidential client application with a client secret and calling AcquireTokenForClient from Microsoft Authentication Library (MSAL) for Python


Config fields reference

Property name


Expand to review
VersionDatePull RequestSubject
1.1.22024-06-2240026Update dependencies
1.1.12024-06-0439046[autopull] Upgrade base image to v1.2.1
1.1.02024-03-2436223Migration to low code
1.0.02024-01-0433959Schema updates
0.2.52021-12-148429Update titles and descriptions
0.2.42021-12-077807Implement OAuth support
0.2.32021-12-068469Migrate to the CDK