Solution overview
The Appointment Manager app template has the following main components:
- Azure App Service: Hosts the API endpoints, including the bot messaging endpoint, and serves the static site for tabs and task modules.
- Azure Cosmos DB: Stores all application data, such as appointment requests and channel mappings. See Data Stores for details.
- Azure Active Directory: Provides single sign-on for staff in Teams. Also secures communication between the bot and Azure Bot Service.
- Application Insights: Stores logs and telemetry data. See Telemetry for details.
- Microsoft Graph API: Provides integration with O365 for determining staff availability, getting profile pictures, and creating Bookings appointments.
Azure App Service hosts the .NET Core Web API that serves as the backend for the application. The API provides functionality needed by the app's frontend, such as appointment assignment and CRUD operations for channel mappings.
The API includes the bot messaging endpoint, which is registered with Azure Bot Service. It handles Bot Framework activities, such as updates to Teams channels and invoke activities for the messaging extension and task modules.
The API also serves static files, including the React app used for tabs and task modules.
Azure Cosmos DB with SQL API stores all application data in various containers. See Data Stores for details on what data is stored.
Azure Active Directory (AAD) secures the API and provides single sign-on for staff in Teams. Most of the API endpoints are protected by AAD by requiring a valid AAD token for access. The frontend components acquire an AAD token via Teams SSO and include the token in API requests.
AAD also secures communication between the bot messaging endpoint and Azure Bot Service. This service-to-service authentication is handled by the Bot Framework SDK.
Application Insights is used for general logging and telemetry data for the app. See Telemetry for details.
The app uses the Graph API to access various services within O365. During appointment assignment, the task modules determine staff availability using the Graph's calendar endpoints. Microsoft Bookings integration for creating Bookings appointments is also handled through Graph.
In most cases, the .NET backend calls Graph and passes results to the client through its own API. The backend acquires an access token for Graph by using the OAuth 2.0 On-Behalf-Of flow using the SSO token from Teams. For more details, see the Teams Single Sign-On docs.
In a few cases, the frontend components call Graph directly, such as retrieving the staff's photos that are shown throughout the app.
The following table shows the Graph API endpoints used by the app:
| Use case | API | Permissions | API version |
|---|---|---|---|
| Getting staff in team | List group members |
Member.Read.Group (Teams resource-specific consent) |
v1.0 |
| Checking staff availability in specific time slot | List calendarView |
Calendars.Read (delegated) |
v1.0 |
| Find available time slots for staff | findMeetingTimes |
Calendars.Read.Shared (delegated) |
v1.0 |
| Get staff profile photo | Get photo |
User.ReadBasic.All (delegated) |
v1.0 |
| Create appointment in Bookings after assignment | Create bookingAppointment |
BookingsAppointment.ReadWrite.All, (delegated) |
beta |
| Update appointment in Bookings after reassignment | Update bookingAppointment |
BookingsAppointment.ReadWrite.All, (delegated) |
beta |
| Find Bookings staff member corresponding to staff | List staffMembers |
Bookings.Read.All (delegated) |
beta |
| Allow app admin to select Bookings business | List bookingBusinesses |
Bookings.Read.All (delegated) |
beta |
| Allow app admin to select Bookings service | List bookingServices |
Bookings.Read.All (delegated) |
beta |