Mattermost Mission Collaboration for Microsoft 365 (Beta)#

plans-img Available on Enterprise plans

deployment-img Cloud and self-hosted deployments

Mattermost Mission Collaboration for Microsoft extends Microsoft 365, Microsoft Outlook, and Microsoft Teams for mission-critical coordination, command and control, incident response, and DevSecOps workflows in demanding environments, including air-gapped and classified networks.

This app is designed to work with Microsoft 365, Outlook, and Teams.

Before you begin#

Before starting the setup, ensure you understand the 3 components needed to integrate Mattermost with M365, including: Azure App Registration, Microsoft Teams App Installation, and Mattermost Plugin Configuration. Each component plays a crucial role in ensuring seamless communication and collaboration between Mattermost and Microsoft 365 services:

  1. Azure App Registration: An application must be registered in Microsoft Azure to enable secure authentication and authorization between Mattermost and M365 services. This app registration acts as the bridge for permissions and connectivity. The Azure App is responsible for authentication and managing permissions.

  2. Microsoft Teams App Installation: A Microsoft Teams app is installed into Microsoft Teams. This app facilitates collaboration between Mattermost and Teams, providing a tab containing Mattermost within the Teams client. The Teams App is installed within Microsoft Teams to enable collaboration via a tab.

  3. Mattermost Plugin Configuration: Within Mattermost, the Mattermost Mission Collaboration for Microsoft plugin needs to be installed and configured. This plugin acts as the integration hub on the Mattermost side, connecting to both the Azure App and the Teams App. The Mattermost Plugin is the configuration point within Mattermost that unifies the integration.

Setup#

Complete the following integration setup steps in the order listed:

  1. Register the Azure App

  2. Configure the Mattermost Plugin

  3. Install the Teams App

Register an MS Teams app in Azure#

  1. Sign in to the Azure portal using an admin Azure account.

  2. Go to your Azure Portal > Microsoft Entra ID.

  3. Go to App registrations.

  4. Create a new app registration by selecting Add > App registration:

  • Give it a name

  • Accounts in this organizational directory only (single tenant)

  • No redirect URIs

  1. Go to your newly created application and copy the Application (client) ID and Directory (tenant) ID values. You’ll need those later to configure the plugin.

Go to your newly created application and copy the Application (client) ID and Directory (tenant) ID values. You'll need those later to configure the plugin.
  1. Go to Certificates and secrets to generate a new client secret. Make a copy of the secret value, as it will only be shown once. You’ll need this value to configure the plugin.

Go to Certificates and secrets to generate a new client secret. Make a copy of the secret value, as it will only be shown once. You'll need this value to configure the plugin.
  1. Go to API Permissions to complete the following steps:

  1. Go to Expose an API to complete the following steps:

  • Edit the _Application ID URI_ to api://{{Mattermost Site URL Hostname}}/{{Application (client) ID}}.

  • Add the access_as_user scope by selecting Add a scope and setting the following values:

    • Scope name: access_as_user.

    • Who can consent? Admins and users

    • Provide a display name and description, as well as a user consent display name and description. These will be shown to end users on the consent screen. For example:

      • Display name: Log in to Mattermost

      • Description: Used to allow O365 users to log in to the Mattermost application

      • User consent display name: Log in to Mattermost

      • User consent description: This permission is required to automatically log you in into Mattermost from Microsoft applications.

    See the Microsoft API scope documentation for details.

    • Add authorised client applications for the scope. See the Microsoft authorized client documentation for details.

      • Select _Add a client application_. You must add a client application for each target Microsoft application:

        • Authorised scopes: The one we just created

          • Client ID:

            • Teams web: 5e3ce6c0-2b1f-4285-8d4b-75ee78787346

            • Teams app: 1fec8e78-bce4-4aaf-ab1b-5451cc387264

            • Outlook desktop : d3590ed6-52b3-4102-aeff-aad2292ab01c

            • Outlook web : bc59ab01-8403-45c6-8796-ac3ef710b3e3

    • If you want to make your application available in more Microsoft applications, keep adding client applications from the following table.

Configure the Mattermost plugin#

  1. Download the latest release of the plugin.

  2. Go to System Console > Plugins > Plugin Management > Upload Plugin, and upload the plugin binary you downloaded in the previous step.

  3. Go to System Console > Plugins > Plugin Management. In the Installed Plugins section, scroll to MSTeams DevSecOps.

  4. Enter an Application Version. You can start with 1.0.0.

  5. Generate an Application ID in version 4 UUID format and enter it in the Application ID field.

  6. Enter the values you noted earlier in the appropriate fields, including Directory (tenant) ID, Application (client) ID, and Client Secret.

    In the Mattermost System Console, enter the Directory (tenant) ID, Application (client) ID, and Client Secret for the plugin.
  7. Enter an Application Display Name to define how your application is named in the MS Teams App Store.

  8. Save the changes and enable the plugin.

  9. Select the Download Manifest button to generate the MS Teams application as a ZIP file, containing the app manifest. Save this file as it will be used in the next steps.

Install Mattermost in Microsoft Teams#

  1. Go to the Microsoft Teams admin center.

  2. Go to Teams apps > Manage apps.

    In MS Teams, go to Manage Apps to install the Mattermost Mission Collaboration for Microsoft 365 app.
  3. Go to Actions > Upload new app located in the upper-right corner of the Manage apps page.

  4. Select Upload and select the ZIP file saved previously.

  5. Done! Your application is now available to users.

Usage#

This plugin supports automatic authentication when logged into Microsoft Teams. Teams authentication automatically logs users into Mattermost if the email addresses in both platforms match exactly. Regular authentication methods (LDAP, SAML, email/password, OpenID) can additionally be used for Mattermost.

In air-gapped environments or during business continuity disruptions, users who can’t join Microsoft Teams, can continue to access Mattermost using their Mattermost credentials by opening Mattermost in a separate app (e.g., in a new browser window). Alternatively, a Mattermost admin can pre-distribute the Mattermost desktop app using Windows MSI or the mobile app via EMM.

Benefits and use cases#

  • External Collaboration with IT Control: Replace non-compliant freemium personal apps with dedicated external collaboration across mobile, web, and desktop, fully controlled by IT.

  • Intelligent, AI-Accelerated Incident Response: Augment Microsoft Security Suite with AI-powered collaborative workflows, from detection to resolution, within secure environments.

  • Sovereign, Cyber-Resilient S4B Replacement for Classified Workflows: Replace legacy Skype for Business with a self-hosted, fully sovereign solution for classified operations, tightly integrated within Microsoft ecosystems.

  • Embedded DevSecOps Collaboration Inside Microsoft Teams: Maintain a unified user experience while achieving higher operational productivity for DevSecOps and mission teams.

  • Mission Operations at the Tactical Edge: Real-time command and control for joint operations, mission partner environments, and disconnected/denied environments (DDIL).

Key features#

  • Direct Access: Access Mattermost directly from a tab without switching applications or opening a browser.

  • Seamless Integration: Experience the full functionality of Mattermost within a familiar Microsoft Teams interface.

  • Real-time Collaboration: Collaborate with your team on projects, workflows, and communications in real time.

  • Unified Communications: Combine chat, meetings, workflows, and task management inside MS Teams.

  • Secure Data Handling: Maintain data sovereignty with self-hosted deployment options.

  • AI-Powered Insights: Use multi-agent AI, including Azure OpenAI and local LLMs, for faster decision-making and situational awareness.

  • Embedded DevSecOps Collaboration: Keep developer teams productive with integrated workflows inside Microsoft Teams.

  • Entra-Based SSO: Simplify user authentication and enhance security with enterprise-grade identity management for organizations using Microsoft Entra ID.

  • Activity Feed Notifications for events in Mattermost: Never miss critical updates, with real-time notifications in your MS Teams activity feed whenever someone mentions or messages you directly in Mattermost.

FAQ#

Where can I get support?#

Mattermost commercial customers can open a Mattermost support case.

For questions, feedback, and assistance, join our pubic Integrations and Apps channel on the Mattermost Community Server for assistance.