From 0905e5f7b6916223b2f6a4f535bee5fbc5d594b4 Mon Sep 17 00:00:00 2001
From: Vincent Koc <vincentkoc@ieee.org>
Date: Thu, 23 Apr 2026 13:03:24 -0700
Subject: [PATCH] docs(channels): msteams - drop duplicate minimal-setup block,
 cardify related, accordion env vars, remove H1 and dante quote

---
 docs/channels/msteams.md | 94 +++++++++++-----------------------------
 1 file changed, 25 insertions(+), 69 deletions(-)

diff --git a/docs/channels/msteams.md b/docs/channels/msteams.md
index f5123d6f255..13ff356a705 100644
--- a/docs/channels/msteams.md
+++ b/docs/channels/msteams.md
@@ -5,11 +5,7 @@ read_when:
 title: "Microsoft Teams"
 ---
 
-# Microsoft Teams
-
-> "Abandon all hope, ye who enter here."
-
-Status: text + DM attachments are supported; channel/group file sending requires `sharePointSiteId` + Graph permissions (see [Sending files in group chats](#sending-files-in-group-chats)). Polls are sent via Adaptive Cards. Message actions expose explicit `upload-file` for file-first sends.
+Text and DM attachments are supported; channel and group file sending requires `sharePointSiteId` + Graph permissions (see [Sending files in group chats](#sending-files-in-group-chats)). Polls are sent via Adaptive Cards. Message actions expose explicit `upload-file` for file-first sends.
 
 ## Bundled plugin
 
@@ -61,12 +57,6 @@ For production deployments, consider using [federated authentication](#federated
 
 Note: group chats are blocked by default (`channels.msteams.groupPolicy: "allowlist"`). To allow group replies, set `channels.msteams.groupAllowFrom` (or use `groupPolicy: "open"` to allow any member, mention-gated).
 
-## Goals
-
-- Talk to OpenClaw via Teams DMs, group chats, or channels.
-- Keep routing deterministic: replies always go back to the channel they arrived on.
-- Default to safe channel behavior (mentions required unless configured otherwise).
-
 ## Config writes
 
 By default, Microsoft Teams is allowed to write config updates triggered by `/config set|unset` (requires `commands.config: true`).
@@ -183,8 +173,6 @@ Before configuring OpenClaw, create an Azure Bot resource and capture its creden
   </Step>
 </Steps>
 
-<a id="federated-authentication-certificate--managed-identity"></a>
-
 ## Federated authentication
 
 > Added in 2026.3.24
@@ -374,60 +362,16 @@ This is often easier than hand-editing JSON manifests.
 2. Find the bot in Teams and send a DM
 3. Check gateway logs for incoming activity
 
-## Setup (minimal text-only)
+<Accordion title="Environment variable overrides">
 
-1. **Ensure the Microsoft Teams plugin is available**
-   - Current packaged OpenClaw releases already bundle it.
-   - Older/custom installs can add it manually:
-     - From npm: `openclaw plugins install @openclaw/msteams`
-     - From a local checkout: `openclaw plugins install ./path/to/local/msteams-plugin`
+Any of the bot/auth config keys can also be set via env vars:
 
-2. **Bot registration**
-   - Create an Azure Bot (see above) and note:
-     - App ID
-     - Client secret (App password)
-     - Tenant ID (single-tenant)
+- `MSTEAMS_APP_ID`, `MSTEAMS_APP_PASSWORD`, `MSTEAMS_TENANT_ID`
+- `MSTEAMS_AUTH_TYPE` (`"secret"` or `"federated"`)
+- `MSTEAMS_CERTIFICATE_PATH`, `MSTEAMS_CERTIFICATE_THUMBPRINT` (federated + certificate)
+- `MSTEAMS_USE_MANAGED_IDENTITY`, `MSTEAMS_MANAGED_IDENTITY_CLIENT_ID` (federated + managed identity; client ID only for user-assigned)
 
-3. **Teams app manifest**
-   - Include a `bot` entry with `botId = <App ID>`.
-   - Scopes: `personal`, `team`, `groupChat`.
-   - `supportsFiles: true` (required for personal scope file handling).
-   - Add RSC permissions (below).
-   - Create icons: `outline.png` (32x32) and `color.png` (192x192).
-   - Zip all three files together: `manifest.json`, `outline.png`, `color.png`.
-
-4. **Configure OpenClaw**
-
-   ```json5
-   {
-     channels: {
-       msteams: {
-         enabled: true,
-         appId: "<APP_ID>",
-         appPassword: "<APP_PASSWORD>",
-         tenantId: "<TENANT_ID>",
-         webhook: { port: 3978, path: "/api/messages" },
-       },
-     },
-   }
-   ```
-
-   You can also use environment variables instead of config keys:
-   - `MSTEAMS_APP_ID`
-   - `MSTEAMS_APP_PASSWORD`
-   - `MSTEAMS_TENANT_ID`
-   - `MSTEAMS_AUTH_TYPE` (optional: `"secret"` or `"federated"`)
-   - `MSTEAMS_CERTIFICATE_PATH` (federated + certificate)
-   - `MSTEAMS_CERTIFICATE_THUMBPRINT` (optional, not required for auth)
-   - `MSTEAMS_USE_MANAGED_IDENTITY` (federated + managed identity)
-   - `MSTEAMS_MANAGED_IDENTITY_CLIENT_ID` (user-assigned MI only)
-
-5. **Bot endpoint**
-   - Set the Azure Bot Messaging Endpoint to:
-     - `https://<host>:3978/api/messages` (or your chosen path/port).
-
-6. **Run the gateway**
-   - The Teams channel starts automatically when the bundled or manually installed plugin is available and `msteams` config exists with credentials.
+</Accordion>
 
 ## Member info action
 
@@ -956,8 +900,20 @@ Bots have limited support in private channels:
 
 ## Related
 
-- [Channels Overview](/channels) — all supported channels
-- [Pairing](/channels/pairing) — DM authentication and pairing flow
-- [Groups](/channels/groups) — group chat behavior and mention gating
-- [Channel Routing](/channels/channel-routing) — session routing for messages
-- [Security](/gateway/security) — access model and hardening
+<CardGroup cols={2}>
+  <Card title="Channels overview" icon="list" href="/channels">
+    All supported channels.
+  </Card>
+  <Card title="Pairing" icon="link" href="/channels/pairing">
+    DM authentication and pairing flow.
+  </Card>
+  <Card title="Groups" icon="users" href="/channels/groups">
+    Group chat behavior and mention gating.
+  </Card>
+  <Card title="Channel routing" icon="route" href="/channels/channel-routing">
+    Session routing for messages.
+  </Card>
+  <Card title="Security" icon="shield" href="/gateway/security">
+    Access model and hardening.
+  </Card>
+</CardGroup>