Skip to content

Getting Started

By the end of this page a LiveKit agent answers a Microsoft Teams call. You need Python >= 3.10, a LiveKit server (a LiveKit Cloud project or self-hosted) with an API key/secret, a LiveKit agent worker, and a StandIn identity (the sandbox is enough).

A LiveKit call needs two processes: your agent runs as a worker, and the bridge dispatches it into a per-call room. Register the worker under an agent name:

cli.run_app(WorkerOptions(entrypoint_fnc=entrypoint, agent_name="standin-voice-agent"))

Any existing LiveKit agent works unchanged - or start from the ready-made examples (a minimal voice pipeline and a bitHuman avatar) referenced in Run the Example.

Terminal window
pip install livekit-msteams-bridge

As a CLI:

Terminal window
LIVEKIT_URL=wss://your-project.livekit.cloud \
LIVEKIT_API_KEY=API... \
LIVEKIT_API_SECRET=... \
LIVEKIT_AGENT_NAME=standin-voice-agent \
WORKER_SHARED_SECRET=... \
livekit-msteams-bridge

A .env file in the working directory is loaded automatically (existing environment wins). Or embedded in your own asyncio app:

import asyncio
from livekit_msteams_bridge import load_config, start_server
async def main():
await start_server(load_config()) # same env variables as the CLI
await asyncio.Event().wait()
asyncio.run(main())

Every option is an environment variable; the package ships a fully commented .env.example, and the Configuration Reference documents each one. The bridge listens on 0.0.0.0:8080 by default and exposes GET /healthz for liveness checks.

WORKER_SHARED_SECRET comes from StandIn in the next step.

StandIn is the hosted service that joins the Teams call and dials into your bridge. Pick a tier at standin.komaa.com (sandbox for an instant trial), pair, and you get a shared secret.

  1. Put the secret in WORKER_SHARED_SECRET (both sides must match exactly).
  2. Point the identity’s agent WebSocket URL at your bridge, for example wss://lk-bridge.example.com:8080/voice/msteams/stream. StandIn appends /{callId} per call.
  3. Restart the bridge if you changed the env.

StandIn dials in from the internet, so a laptop or private host needs a public URL. A tunnel gives you one and terminates TLS (so you get wss:// for free). Run one pointing at port 8080:

Tailscale Funnel:

Terminal window
tailscale funnel --bg --https=8080 8080

Cloudflare Tunnel:

Terminal window
cloudflared tunnel --url http://localhost:8080

ngrok:

Terminal window
ngrok http 8080

For a fixed production host use an ingress/load balancer, or serve TLS natively with TLS_CERT_PATH + TLS_KEY_PATH. Never give StandIn a plain ws:// URL outside local testing.

More detail (tiers, what pairing does, cutoff behavior): Connecting to StandIn.

Call your Teams bot (or join the sandbox meeting). In the bridge logs you should see the call arrive, the room open, the agent dispatched, and the relay start:

INFO [server] worker connected for call 19:meeting_ab... (1/64)
INFO [call:19:meeting_ab] session.start (direction=inbound, recording=unknown)
INFO [call:19:meeting_ab] LiveKit room "msteams-19-meeting_ab..." joined
INFO [call:19:meeting_ab] agent "standin-voice-agent" dispatched
INFO [call:19:meeting_ab] LiveKit room "msteams-19-meeting_ab..." relaying

Speak, and the agent answers in its own voice. If the call connects but something is off, Troubleshooting maps every error you are likely to see (401 handshake, agent-unavailable, silent agent) to its cause.