1. Create Azure Application
- Log in as Administrator in the Azure portal.
- Go to Azure Active Directory / App registrations / New registration.
- Press Register.
- Copy the client ID into the User.Authentication.OAuth2.ClientsID mandant parameter (Clients parameters table).
- Append the tenant ID to https://login.microsoftonline.com/ and set the result as the User.Authentication.Oauth2.Authority mandant parameter.
It should be something like:
2. Create secret key
- Go to Certificates & secrets / New client secret.
Please note that the secret value is displayed only immediately after creation.
- Copy the secret value into the User.Authentication.OAuth2.Secret mandant parameter.
3. Preventing the consent dialog at first login
To prevent the following dialog at first login,
[Screenshot: First Login]
the following API permissions must be set:
See: https://learn.microsoft.com/en-us/azure/active-directory/develop/application-consent-experience
"The Administrator grants consent through the API permissions page of the application registration in the Azure portal."
4. Expose an API
On the left panel, go to Expose an API.
The Application ID URI should be https://$acd_domain, where $acd_domain is the portal domain.
In the "Authorized client applications" section, add the IDs of the Teams apps (Web and Desktop) by clicking the plus button "Add a client application".
Here are the IDs:
5e3ce6c0-2b1f-4285-8d4b-75ee78787346
1fec8e78-bce4-4aaf-ab1b-5451cc387264
5. Login with Microsoft Entra ID configuration
The following client properties must be configured:
| Parameter | Value |
|---|---|
| User.Authentication.Azure.ClientsID | Client ID of the application |
| User.Authentication.Azure.Authority | Login URL with tenant ID |
| User.Authentication.Azure.Secret | Application secret |
| User.Authentication.Azure.Force | Only Azure login is possible for the client. |

- Optionally, the resource portal.Login.Azure.Force can be set to enforce using Entra ID only.
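
An offline pre-flight check for the values gathered in steps 1 to 4, as an added example that is not part of the original page or the portal's own code. The `cfg` key names, the sample values and the treatment of a GUID-shaped secret as a mistakenly copied Secret ID are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)
# Teams client IDs (Web and Desktop) listed in step 4 of this page.
TEAMS_CLIENT_IDS = {
    "5e3ce6c0-2b1f-4285-8d4b-75ee78787346",
    "1fec8e78-bce4-4aaf-ab1b-5451cc387264",
}


def check_registration(cfg, portal_domain):
    """Return a list of problems in the values collected in steps 1 to 4.

    The cfg keys are hypothetical names chosen for this example.
    """
    problems = []
    if not GUID.match(cfg.get("client_id", "")):
        problems.append("client_id is not a GUID")
    # Step 1: authority is https://login.microsoftonline.com/ plus the tenant ID.
    url = urlsplit(cfg.get("authority", ""))
    if url.scheme != "https" or url.netloc.lower() != "login.microsoftonline.com":
        problems.append("authority is not on https://login.microsoftonline.com/")
    elif not GUID.match(url.path.strip("/")) or url.query or url.fragment:
        problems.append("authority must end with the tenant ID and nothing else")
    # Step 2: the portal lists a GUID "Secret ID" beside the secret value;
    # a GUID-shaped secret is assumed here to be that ID copied by mistake.
    secret = cfg.get("secret", "")
    if not secret or GUID.match(secret):
        problems.append("secret is empty or looks like the Secret ID")
    # Step 4: Application ID URI and the authorized Teams clients.
    if cfg.get("app_id_uri") != f"https://{portal_domain}":
        problems.append(f"app_id_uri should be https://{portal_domain}")
    authorized = {c.lower() for c in cfg.get("authorized_clients", [])}
    for cid in sorted(TEAMS_CLIENT_IDS - authorized):
        problems.append(f"Teams client {cid} is not authorized")
    return problems


# Constructed sample values, not taken from a real tenant.
SAMPLE = {
    "client_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "authority": "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555",
    "secret": "constructed-secret-value",
    "app_id_uri": "https://acd.example.com",
    "authorized_clients": sorted(TEAMS_CLIENT_IDS),
}

if __name__ == "__main__":
    for line in check_registration(SAMPLE, "acd.example.com") or ["OK"]:
        print(line)
```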