title: Using ChatHub in Teams category: Teams Integration tags: teams, bot, chat, commands, adaptive-cards priority: Normal
Using ChatHub in Teams
Once the IdentityCenter bot is deployed to Microsoft Teams (see Setup Wizard), you can query your identity environment, get security insights, and manage access directly from Teams. This article covers everything you need to know to use the bot effectively.
Starting a Conversation
Personal Chat (1:1)
The most common way to use the bot is in a personal conversation:
- In Microsoft Teams, click Chat in the left sidebar
- Click New Chat or search for the bot by its name (e.g., "IdentityCenter")
- Select the bot from the results
- Type your first message or command
The personal chat is private. Only you can see the bot's responses.
Adding to a Channel
You can also add the bot to a Teams channel for shared access:
- Navigate to the desired channel
- Click the + button to add a tab, or mention the bot using
@IdentityCenter - Once added, any channel member can interact with the bot by @mentioning it
Note: In a channel context, all bot interactions are visible to channel members. Avoid querying sensitive identity data in shared channels. Use personal chat for security-sensitive queries.
Available Commands
All 24 ChatHub slash commands work in Teams, with the same syntax as the web UI. Type / to see the full command list, or ask in natural language.
Search and Discovery
| Command | Description | Example |
|---|---|---|
/search |
Search for any object by name or attribute | /search john.smith |
/list |
List objects by type | /list groups |
/find |
Find objects matching specific criteria | /find users department=Engineering |
/count |
Count objects matching criteria | /count disabled users |
/details |
Show detailed information about an object | /details john.smith |
Identity and Access
| Command | Description | Example |
|---|---|---|
/members |
Show members of a group | /members Domain Admins |
/groups |
Show group memberships for a user | /groups jane.doe |
/access |
Show all access for a user | /access john.smith |
/manager |
Show direct reports for a manager | /manager sarah.jones |
Security and Insights
| Command | Description | Example |
|---|---|---|
/briefing |
Generate a comprehensive security briefing | /briefing |
/insights |
Show AI-generated risk insights | /insights |
/stale |
Find inactive accounts by days threshold | /stale 90 |
/risk |
Analyze risk for a user or group | /risk Domain Admins |
Synchronization and Operations
| Command | Description | Example |
|---|---|---|
/sync |
Show sync status or trigger a sync | /sync status |
/jobs |
Show recent job execution history | /jobs |
/report |
Generate a report | /report compliance |
/audit |
Show recent audit log entries | /audit |
General
| Command | Description | Example |
|---|---|---|
/help |
Show available commands | /help |
/status |
Show system health | /status |
/stats |
Show environment statistics | /stats |
/summary |
Get an environment summary | /summary |
Natural Language Queries
You do not need to memorize commands. Just ask questions in plain English and the AI will route your request to the right data:
Example questions that work in Teams:
- "Who are the members of the IT Security group?"
- "Show me users who haven't logged in for 60 days"
- "How many disabled accounts do we have?"
- "What groups does john.smith belong to?"
- "Find all service accounts in the Finance OU"
- "What needs my attention today?"
The bot uses the same LLM-first routing architecture as the web UI: your message is analyzed by AI for intent, then routed to the appropriate command or streamed as a RAG-based response.
Adaptive Card Responses
In Microsoft Teams, the bot responds with rich Adaptive Cards instead of plain text. These cards provide:
| Card Feature | Description |
|---|---|
| Formatted Tables | Search results and member lists displayed in clean, readable tables |
| Expandable Sections | Long results can be expanded or collapsed |
| Action Buttons | Quick actions like "Show Details", "Show Members", "View Groups" |
| Color Coding | Risk indicators, status badges, and severity levels are color-coded |
| Summary Headers | Each card starts with a summary of results (e.g., "Found 12 users matching your query") |
Example: Search Result Card
When you search for a user, the Adaptive Card includes:
- User display name and username
- Department, title, and manager
- Account status (enabled/disabled)
- Last login date
- Action buttons to view details, groups, or risk analysis
Example: Briefing Card
The /briefing command produces a multi-section card:
- Account statistics summary
- Security alerts with severity indicators
- Privileged access overview
- Policy compliance status
- Action buttons to drill into each section
Permissions and Security
The bot respects IdentityCenter's role-based access control:
| Aspect | Behavior |
|---|---|
| Authentication | The bot maps your Teams identity (via Azure AD) to your IdentityCenter account |
| Role Enforcement | You can only access data that your IdentityCenter role permits |
| Admin Commands | Commands that require administrator privileges only work if your account has the admin role |
| Audit Trail | All bot interactions are logged in the IdentityCenter audit trail, identified as originating from Teams |
Important: If you do not have an IdentityCenter account mapped to your Teams identity, the bot will notify you and direct you to contact your administrator.
Channel Deployment Best Practices
When deploying the bot to a shared Teams channel:
Do
- Use channels for team-visible queries like environment status or general statistics
- Encourage the team to use
/briefingin a shared channel for daily stand-ups - Pin important bot responses for reference
Avoid
- Querying individual user details in shared channels (use personal chat instead)
- Running risk assessments on specific employees in public channels
- Sharing audit log results in channels that include non-security personnel
Suggested Channel Configurations
| Channel Purpose | Recommended Commands | Audience |
|---|---|---|
| IT Operations | /status, /sync, /jobs, /stats |
IT team |
| Security Team | /briefing, /insights, /stale, /risk |
Security analysts |
| Helpdesk | /search, /details, /groups, /members |
Support staff |
Limitations Compared to the Web UI
While the Teams bot provides access to most ChatHub functionality, some features are only available in the web UI:
| Feature | Teams Bot | Web UI |
|---|---|---|
| Slash commands | All 24 commands | All 24 commands |
| Natural language queries | Full support | Full support |
| Streaming responses | Supported | Supported |
| Follow-up suggestion chips | Limited (action buttons instead) | Full chip-based suggestions |
| Bulk operations | Not available | Full bulk edit/disable/enable |
| Visual workflow designer | Not available | Full drag-and-drop designer |
| File exports (CSV/PDF) | Links to download in browser | Direct download |
| Real-time dashboard | Not available | Full interactive dashboard |
| Object write-back (editing AD) | Not available | Full field editing |
Tip: Use the Teams bot for quick queries and monitoring. Switch to the web UI for administrative tasks, bulk operations, and visual configuration.
Tips for Effective Teams Usage
- Start with
/briefingeach morning — Get a quick overview of your identity environment without leaving Teams - Use natural language — You do not need to remember exact command syntax; just describe what you want
- Click action buttons — Adaptive Cards include buttons for common follow-up actions; use them instead of typing new commands
- Pin the bot — Pin the IdentityCenter bot to your Teams sidebar for instant access
- Use personal chat for sensitive queries — Always query individual user data in a private conversation
- Combine with Teams notifications — Set up IdentityCenter email alerts to a Teams channel via connectors for a unified operations view
Troubleshooting
| Issue | Likely Cause | Resolution |
|---|---|---|
| Bot does not respond | Service may be down or endpoint unreachable | Check IdentityCenter service status; verify the messaging endpoint in Azure |
| "You don't have permission" | Your Teams identity is not mapped to an IdentityCenter account | Contact your administrator to link your account |
| Cards display incorrectly | Teams client version may be outdated | Update the Teams desktop or mobile app |
| Slow responses | Large queries or network latency | Try narrowing your search criteria; check IdentityCenter server performance |
| Bot removed from channel | A Teams admin or channel owner removed it | Re-add the bot to the channel |
| Commands return no results | Your IdentityCenter role may not have access to the requested data | Verify your role permissions in IdentityCenter |
Next Steps
- Microsoft Teams Integration Setup — Install and configure the bot
- Using the AI Chat — Full ChatHub documentation for the web UI
- Audit Logging & Change Tracking — Review bot interaction logs
- Dashboard & Reporting — Web-based dashboards and reports
- Introduction to IdentityCenter — Product overview and getting started