O365 Status Dashboard

This is a simple O365 Status Dashboard that leverages the O365 Service Health API to provide non-admin users a quick status overview about their O365 infrastructure.

Overview

The status dashboard is a tiny ASP.NET Core MVC application that retrieves tenant-specific O365 status information. It is containerized and can run on Windows, Mac, and Linux.

Live Demo and screenshot:

Setup

Create AAD App Registration for Service Health API

The application needs a pre-configured service account to get access to the O365 Service Health API.

1. Go to the Azure Portal and create a new Azure AD application (quick link).
2. In the 'Register an application' dialog, choose a meaningful display name for the application, e.g. "Contoso O365 Status Dashboard".
3. For 'Supported account types' choose 'Accounts in this organizational directory only (Microsoft only - Single tenant)'.
4. The 'Redirect URI' can be left empty.
5. Click 'Register'.

Configure the AAD App:

1. Select 'API permissions'
2. Remove any pre-configured permissions (usually 'Microsoft.Graph/User.Read').
3. Select 'Add a permission'
4. Choose 'Office 365 Management APIs'
5. Select 'Application permissions', search for 'health' and select the 'ServiceHealth.Read' permission.
6. Confirm with 'Add permissions'
7. Grant admin consent for the just created permission. You are done, when you see the green check mark.
8. Create a new secret and keep the created secret in a temporary scratch space (e.g. Notepad).

Collect the following values for the registered AAD App and keep them in a temporary scratch space - you will need them later:

• Tenant Host, e.g. contoso.onmicrosoft.com or contoso.com
• Tenant ID, e.g. 00000000-0000-0000-0000-000000000000
• Client ID also known as Application ID, e.g. 00000000-0000-0000-0000-000000000000
• Client Secret (you just created)

Running the Dashboard Web App

You can either build the application from scratch, use the provided Dockerfile or run a pre-build docker image from Docker Hub.

Here is a sample that uses the pre-built docker image:

1. Create a docker env.list file using the configuration from the App Registration:

ServiceHealthApiConfiguration__TenantHost=contoso.onmicrosoft.com
ServiceHealthApiConfiguration__TenantId=00000000-0000-0000-0000-000000000000
ServiceHealthApiConfiguration__ClientId=00000000-0000-0000-0000-000000000000
ServiceHealthApiConfiguration__ClientSecret=00000000-0000-0000-0000-000000000000
ServiceHealthApiConfiguration__CacheDurationInSeconds=60
ServiceHealthApiConfiguration__WorkloadBlacklist=Lync,SwayEnterprise
CompanyConfiguration__CompanyName=Contoso
CompanyConfiguration__SupportEmail=support@contoso.com
CompanyConfiguration__SupportPhone=+1 000-000-000

# If you run in Azure, you can also inject and application insights instance.
ApplicationInsights__InstrumentationKey=00000000-0000-0000-0000-000000000000

2. Run the docker image

docker run --env-file env.list -p8080:8080 olohmann/o365-status-dashboard:latest

Configuration Reference

The following table defines the environment variable name, an example value and a brief description of the configuration option.

Variable	Sample Value	Description
ServiceHealthApiConfiguration__TenantHost	contoso.onmicrosoft.com	The AAD app's tenant host name.
ServiceHealthApiConfiguration__TenantId	00000000-0000-0000-0000-000000000000	The AAD app's tenant ID.
ServiceHealthApiConfiguration__ClientId	00000000-0000-0000-0000-000000000000	The AAD app's client ID.
ServiceHealthApiConfiguration__ClientSecret	00000000-0000-0000-0000-000000000000	The AAD app's client secret.
ServiceHealthApiConfiguration__CacheDurationInSeconds	60	Caching duration of service status health in seconds.
ServiceHealthApiConfiguration__WorkloadBlacklist	Lync,SwayEnterprise,StaffHub	The list of workload IDs that should NOT be visible on the dashboard. A case-insensitive, comma-separated list of workloads.
CompanyConfiguration__CompanyName	Contoso	The company's name.
CompanyConfiguration__SupportEmail	support@contoso.com	The E-Mail address of the support team.
CompanyConfiguration__SupportPhone	+1 000-000-000	A string that denotes the support phone number.

Deploying the Dashboard Wep App in Azure

There is a fully functional terraform deployment in the folder iac. Use the tfvars template to customize the deployment.

Configuring Access Control for the Dashboard when hosting in Azure

You most likely would like to control the access to the application when you deploy it in Azure so only employees from your company can see the status dashboard. To do so, you can leverage the Azure AD login with App Services as described in the documentation.

If you need to fine-tune the access to the dashboard, you can configure the Enterprise Application access via Azure AD. This allows you to configure access to the dashboard only to specific users or groups and enable a self-service access request. See the documentation for details.