Deploy cross-tenant support in MS Teams capture

In a cross‑tenant deployment, the bot is hosted in one Microsoft Entra tenant while the recorded users are in another. The setup mirrors a single‑tenant deployment, but tasks are divided: the bot’s tenant handles bot creation and configuration, while the recorded users’ tenant grants API permissions, registers the bot as an enterprise application, and applies compliance recording policies.

Procedure 

Steps in bot's tenant:

1. Create an Azure Bot.

   1. Sign in to the Azure portal with the bot tenant’s administrator account.

   2. Go to Azure Bot Services.

   3. Select Create Bot and provide the required details (name, subscription, resource group, and region).

   4. Configure the Microsoft Teams channel so that the bot can interact with Teams users.

   5. Save the bot credentials, (App ID and secret ID).

Steps in recorded users’ tenant:

1. Consent to the bot’s API permissions

   1. Sign in to the Microsoft Entra admin center with Global Admin rights.

   2. Go to Enterprise Applications.

   3. Locate the bot’s App ID.

   4. Grant admin consent for the required API permissions.

2. Configure compliance recording

   1. Create an enterprise application in the recorded users' tenant.

      • Register the bot as an enterprise application in the recorded users’ tenant.

   2. Assign the bot to a recording policy in Teams Admin Center.

      1. In the Teams Admin Center, go to Voice, select Recording Policies.

      2. Create or edit a recording policy.

      3. Assign the bot to the policy.

   3. Optional: Remove restrictions from the recording policy.

      • If restrictions exist (for example, limited to certain users or groups), update the policy to broaden coverage.

Related topics 

Create an Azure Bot

Grant admin consent for the permissions

Create Enterprise application

Assign the bot to a recording policy

Optional: Remove restrictions from Recording Policy