Microsoft Teams bot quickstart

Azure app → Bot Framework → HTTPS Gateway → first Teams message

This is the fast path for US and global enterprises on Microsoft Teams. Tenant policies, manifest packaging, and advanced group rules are in the full Microsoft Teams channel guide. Confirm exact JSON keys in official docs—schemas evolve across releases.

Time: about 30–45 minutes (Azure + HTTPS). Teams requires a public HTTPS messaging endpoint; a home PC alone is not enough unless you add a tunnel (remote access) or a US VPS (US deployment hub).

Before you start

OpenClaw installed (installation) and an LLM provider configured.
Azure subscription with permission to create App registrations and an Azure Bot resource.
A public HTTPS URL pointing at your Gateway (VPS, reverse proxy, or Tailscale Funnel—see remote access).
Teams admin or ability to sideload/custom-upload apps for testing (org policy varies).

Step 1 — Register an app in Azure

Open Azure Portal → Microsoft Entra ID → App registrations → New registration.
Name it (e.g. OpenClaw Bot). Supported account type depends on your tenant (single-tenant is common for internal bots).
After creation, copy the Application (client) ID—you need it for OpenClaw and the Azure Bot resource.

Step 2 — Create a client secret

In the app → Certificates & secrets → New client secret.
Copy the Value immediately (shown only once). This is the bot password OpenClaw uses.

Store secrets in a vault or env vars—not in git. See secrets configuration.

Step 3 — Create Azure Bot and enable Teams

Azure Portal → Create a resource → Azure Bot.
Link the bot to the app registration from Step 1 (same Microsoft App ID).
Set the messaging endpoint to your public HTTPS URL for Teams traffic (path depends on OpenClaw version—check Teams reference and official docs).
Open the Azure Bot → Channels → add Microsoft Teams and accept terms.

Without valid HTTPS and a reachable endpoint, Teams cannot deliver messages to your Gateway.

Step 4 — Add credentials to OpenClaw

During openclaw onboard, enable Microsoft Teams and paste the App ID and client secret when prompted—or merge into ~/.openclaw/openclaw.json. Example shape (keys may differ in your build):

Example (verify in docs)

{
  "channels": {
    "microsoftTeams": {
      "appId": "YOUR_APPLICATION_CLIENT_ID",
      "appPassword": "YOUR_CLIENT_SECRET",
      "allowFrom": ["you@company.com"]
    }
  }
}

Use allowFrom / group policies so the bot is not open to your entire tenant by accident. Read is OpenClaw safe? before widening access.

The Setup Wizard can generate merge-ready JSON for Teams.

Step 5 — Start the Gateway (HTTPS)

Terminal

openclaw gateway start
openclaw doctor

doctor should report Teams/Microsoft channel healthy. Host on a US-region VPS if most users and LLM endpoints are US-based (DigitalOcean, Vultr).

Step 6 — Install the bot in Teams and test

In Teams, install or sideload your bot app (org admin may need to approve custom apps).
Open a chat with the bot and send hello.
If pairing is enabled, approve: openclaw pairing list microsoft-teams then openclaw pairing approve microsoft-teams <code> (pairing guide)—exact channel id may vary; see pairing list output.
For channel @mentions, confirm mention handling in the full Teams guide.

Troubleshooting

Symptom	Likely cause	Fix
Teams shows bot but no replies	Messaging endpoint wrong or HTTP only	HTTPS public URL; fix reverse proxy; restart Gateway
401 / unauthorized from Microsoft	Expired secret or wrong App ID	Rotate client secret; update config
Bot not installable	Tenant app policy	Ask Teams admin; use approved catalog upload
Only pairing replies	User not approved	`pairing approve`

More detail: Teams guide · troubleshooting

What to do next

Workplace chat: Slack quickstart.
Production hardening: hardening checklist and AWS Bedrock for in-tenant models.
Automate with cron and webhooks.