Knowledge base Rise Up

Microsoft Teams Integration in Rise Up — Automatic Attendance Sheets

  • Updated

 

Prerequisites
Full Administrator rights required.
This configuration modifies platform-level settings and sets up external authentication with Microsoft.

You must have: 
• Full Administrator rights in Rise Up 
• Administrator access in Microsoft Entra ID (Azure) 
Microsoft Teams Administrator permissions 

Only Full Administrators can activate automatic attendance tracking.

Overview: what this integration does

The Microsoft Teams integration allows Rise Up to automatically generate an attendance sheet and time recording for sessions delivered through Teams Virtual Classrooms. Instead of exporting attendance manually from Teams, Rise Up retrieves participation data using Microsoft Graph, once Microsoft has published the meeting artefacts (after the session ends).

 

Integration workflow

  1. Create a single-tenant Azure application (Entra ID App Registration).
  2. Configure credentials and permissions (Client Secret + Graph permission).
  3. Authorise Teams access using PowerShell (Application Access Policy).
  4. Activate the feature in Rise Up and map Azure values into settings.
  5. Attendance is generated automatically after each Teams session (not real time).

Step 1 — Create the Azure (Entra ID) application

You must create a Microsoft Entra ID application (Azure App Registration). This app is used to authenticate securely and allow Rise Up to retrieve Teams attendance artefacts through Microsoft Graph.

  • Start from the Azure Portal: 
    • Go to portal.azure.com 
    • Or use the direct creation link: Create App Registration
  • Create the application:
    Microsoft Entra ID → App registrationsNew registration
    Configuration: 
    • Supported account types → Single tenant only 
    • Redirect URI → No URI required 

Recommendation: use a meaningful app name, for example: 
“Rise Up — Teams attendance integration”.

  • Copy the values for Rise Up (Overview page):
    Copy: 
    Application (client) ID 
    Directory (tenant) ID 

AttendanceSh_copyappanddirectoryID_uk.png

Tip: Always verify you copied the Directory (tenant) ID (not another tenant identifier).

Step 2 — Create the Client Secret (credentials)

The Client Secret is used by Rise Up to authenticate against Microsoft Graph. This secret must be stored securely and updated when it expires.

  • Create the secret:
    App registration → Certificates & secretsNew client secret
  • Copy the secret immediately:
    Copy the Value (NOT the Secret ID).
    Important: the secret Value is displayed only once. If you refresh or leave the page, you cannot retrieve it again.
  • Expiration management (customer responsibility):
    The secret expires on the selected date. When it expires, attendance retrieval will stop until you: 
    • create a new Client Secret in Azure, and 
    • paste the new Value into Rise Up settings.

Common configuration mistake:
Using the Secret ID instead of the Secret Value will cause the configuration test to fail.

Step 3 — Set Microsoft Graph permissions

Rise Up needs a Microsoft Graph application permission to read Teams meeting artefacts (attendance data). You must grant admin consent for your organisation.

  • Path:
    API permissions → Add a permission → Microsoft Graph → Application permissions
  • Add the permission:
    OnlineMeetingArtifact.Read.All
  • Grant admin consent:
    Click Grant admin consent for your organisation.
    Without admin consent, Rise Up cannot retrieve attendance data.

Step 4 — Retrieve the Admin User Object ID (for configuration testing)

Rise Up requests an Admin User ID (Object ID) to run the Test configuration check in settings. This value is only used for connectivity testing from the settings page.

  • How to retrieve the Object ID:
    Microsoft Entra ID → Manage → Users → select your administrator account → Overview
    Copy the Object ID.

Step 5 — Install and prepare PowerShell (Teams authorisation)

The Azure application must be authorised within Microsoft Teams using PowerShell. You can use a local PowerShell installation or Azure Cloud Shell.

Option A — Local PowerShell

macOS

  • brew install --cask powershell
  • pwsh

Windows

  • winget install --id Microsoft.PowerShell --source winget

If Connect-MicrosoftTeams is not recognised

  • Install the Teams module: Install-Module -Name MicrosoftTeams -Scope CurrentUser

Connect to Teams

  • Connect-MicrosoftTeams
  • Sign in with a Teams Administrator account.

Option B — Azure Cloud Shell (PowerShell)

  • Azure Portal → Cloud Shell → select PowerShell
  • Run the same Teams commands below from Cloud Shell.

Authorise the application in Microsoft Teams (Application Access Policy)

Microsoft Teams requires an Application Access Policy to authorise access to meeting artefacts. You will create a policy and apply it (typically globally) so the application can retrieve attendance data.

  1. (Optional) Check whether a policy already exists
    Get-CsApplicationAccessPolicy -Identity accessTeamsMeetings
    Tip: If it exists, you may not need to recreate it. If you need a clean setup, delete it (see troubleshooting section).
  2. Create the policy
    Replace "APPLICATION_ID" with your Application (client) ID.
    New-CsApplicationAccessPolicy -Identity accessTeamsMeetings -AppIds "APPLICATION_ID" -Description "Rise Up Attendance Sheet Feature"
  3. Apply the policy globally
    Grant-CsApplicationAccessPolicy -PolicyName accessTeamsMeetings -Global

Note:
The policy may take a short time to propagate across Microsoft services. If tests fail right after configuration, wait a few minutes and try again.

Step 6 — Configure Rise Up (enable attendance sheet & time recording)

Once Azure and Teams authorisation are complete, you can enable the feature in Rise Up and enter the required Azure values.

  • Path in Rise Up:
    Settings → Physical and virtual classroomsVirtual Class
  • Enable:
    Teams if not already activate → read the article related to Virtual Classrooms
    Automatic attendance sheets and time recording
  • Paste the Azure values using the mapping below, then Save.
AttendanceSheet_Testconfiguration_uk.png

Azure ↔ Rise Up value mapping (copy/paste reference)

Rise Up field Where to find it in Azure Exact value to paste
Client ID App registration → Overview Application (client) ID
Tenant ID App registration → Overview Directory (tenant) ID
Client Secret Certificates & secrets Secret Value (NOT Secret ID)
Admin User ID Entra ID → Users → admin account Object ID

Security reminder:
The Client Secret must remain confidential. Do not share it in tickets, screenshots, or code snippets. Store it securely and update it in Rise Up when renewed.

How automatic attendance retrieval works

Before you begin

  • Sessions must be created as Teams Virtual Classrooms.
  • Attendance is available after the Teams meeting ends (not during the live session).
  • It is normal if attendance appears a few minutes after the session: Microsoft must publish meeting artefacts first.
  1. The virtual session ends in Teams
    Microsoft publishes attendance artefacts only once the meeting is closed.
  2. Rise Up retrieves meeting artefacts via Microsoft Graph
    A background process queries Microsoft Graph using your Azure application credentials and permission.
  3. Rise Up generates the Attendance Sheet and Time Recording
    Attendance duration and participation details become visible within the Rise Up session.
  4. Expected result
    Administrators can consult attendance information without exporting Teams reports manually.

Notes:
Attendance is not real-time. If the session has just ended, wait a few minutes and refresh before troubleshooting.

Attendance availability: during vs after the meeting

Understanding when Microsoft publishes meeting artefacts helps avoid confusionduring setup and testing.

 

Attendance data availability

Behaviour During meeting After meeting ends
Microsoft publishes meeting artefacts No Yes
Attendance data available in Rise Up No Yes (after retrieval)
Rise Up retrieval (Graph) No Automatic

Microsoft Teams roles & presenter permissions (important notes)

IT configuration note
Presenter permissions rely on the Microsoft directory. If a facilitator account is not linked to Azure, presenter rights cannot be assigned automatically.

Administration tip
If facilitators do not receive presenter permissions, verify both the presenter configuration and the Azure account linkage.

Good to know
In Microsoft Teams, meeting roles such as organiser, co-organiser, presenter and attendee define what participants can do during the session. Review Microsoft documentation here: Roles and permissions in Teams meetings

Administration tip
Limiting presenter permissions to Facilitators helps maintain better control over session moderation.

  • Issue: Attendance sheets are missing after sessions.
    Fix: Confirm the meeting has ended, wait a few minutes, then refresh. If still missing, verify: 
    • Graph permission OnlineMeetingArtifact.Read.All is added 
    Admin consent has been granted 
    • The Teams Application Access Policy exists and is applied

    Issue: Configuration test fails in Rise Up settings.
    Fix: Ensure you entered the Secret Value (not Secret ID), and that the Tenant ID is the Directory (tenant) ID.

    Issue: Client Secret was lost / not retrievable anymore.
    Fix: Create a new Client Secret in Azure and paste the new Value in Rise Up settings (the old Value cannot be recovered).

    Issue: Policy commands fail or the policy cannot be found.
    Fix: Ensure you are connected as a Teams Administrator (Connect-MicrosoftTeams). You can also run commands in Azure Cloud Shell (PowerShell).
     
  • When are attendance sheets generated?
    - Attendance is retrieved automatically after the virtual session ends. Microsoft must publish meeting artefacts first, so it may appear a few minutes later.

    Can attendance be retrieved in real time during a session?
    - No. Attendance becomes available only once the meeting has ended (artefacts are not published during the live session).

    Does Rise Up modify Teams meetings or users?
    - No. Rise Up only reads attendance data via Microsoft Graph: 
    ✔ No meeting modifications 
    ✔ No user changes 
    ✔ No access to private content beyond attendance artefacts

    What is the Admin User Object ID used for?
    - It is used for the Test configuration check in Rise Up settings (connectivity validation).

    What happens if the Client Secret expires?
    - Attendance retrieval stops until you create a new Client Secret in Azure and update the new Secret Value in Rise Up settings.
     
  • How do I check if the policy exists?
    - Get-CsApplicationAccessPolicy -Identity accessTeamsMeetings

    How do I delete the policy completely?
    - Remove-CsApplicationAccessPolicy -Identity accessTeamsMeetings

    How do I re-create the policy?
    - New-CsApplicationAccessPolicy -Identity accessTeamsMeetings -AppIds "APPLICATION_ID" -Description "Rise Up Attendance Sheet Feature"
    - Grant-CsApplicationAccessPolicy -PolicyName accessTeamsMeetings -Global
     
  • Client ID (Rise Up)
    - Application (client) ID (Azure App Registration)

    Tenant ID (Rise Up)
    - Directory (tenant) ID (Azure App Registration)

    Client Secret (Rise Up)
    - Secret Value (Certificates & secrets) — not Secret ID

    Admin User ID (Rise Up)
    - User Object ID (Entra ID → Users → admin account)

    PowerShell parameter mapping
    - New-CsApplicationAccessPolicy -AppIds "APPLICATION_ID"
    "APPLICATION_ID" = Application (client) ID

    Graph permission mapping
    - OnlineMeetingArtifact.Read.All enables attendance artefact retrieval via Microsoft Graph.
  • For further assistance, submit a request:
    Rise Up Support Request

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request