Howto15r1:Configure User Presence Sync by Connector for Microsoft365: Difference between revisions
| Line 79: | Line 79: | ||
| [[Image:APIPermission_Connector_for_Microsoft365_Sync_to_Teams.png|thumb|none|600px]] | [[Image:APIPermission_Connector_for_Microsoft365_Sync_to_Teams.png|thumb|none|600px]] | ||
| === | ===installation and configuration of the App === | ||
| ====  | ==== Install the App with the Settings App - AP app installer plug-in ====   | ||
| [[File:Ap_app_installer.png]] | [[File:Ap_app_installer.png]] | ||
Latest revision as of 09:34, 18 September 2025
Applies To
This information applies to Connector for Microsoft 365 from version 15r1
More Information
This article outlines a configuration scheme for Connector for Microsoft365 functionality.
In preparation, you first will need to configure two Applications in your Azure Portal (one for each direction). 
After that, you will install the App in your Application Platform, and configure everything.
System Requirements
- Licenses innovaphone Connector for Microsoft 365 per user who wants to use the innovaphone myApps Connector for Microsoft 365.
- account in Azure Portal of Microsoft (for each of the technical communication users, no permission role needed)
 - Each communication user must have a Teams license applied, more infos can be found  here
- Each communication user can be used to subscribe the presence of up to 650 users. (If you want to synchronize more than 650 users, you will need a multitude of communication users)
- Must not have multi factor authentication activated
 
- Each communication user must have a Teams license applied, more infos can be found  here
- Must have access from the internet to your App Platform
- This can be done by using a reverse proxy or other firewall
 
- The public endpoint must have  a valid, public signed certificate (in order to make a trusted SSL connection from the Azure cloud to the Application Platform possible)
- A valid certificate is required in all involved network entities - at least in the App Platform and if used in the Reverse Proxy; to ensure transmission of MS365 HTTPS POST requests to the app service in order to send notifications.
 
- Admin account for Azure Portal (only necessary for granting needed permission for registered app during setup)
Installation
Configuration in Azure Portal
Create an App for syncing Teams to PBX
- In the Azure Portal of Microsoft you have to add an app registration
- You only have to give a name for the app

- Switch to the authentication on the left
- You only have to configure allow public client flow

- Switch to api permissions on the left
- You have to configure delegated permissions (User.Read.All and Presence.Read.All) as shown in the picture
- Grant access to the api permissions, if not possible you have to ask an admin



With these configurations you can configure the Connector for Microsoft365
- Client ID as shown in the picture
- Tenant ID as shown in the picture
- User
- Password

Create an App for syncing PBX to Teams
- In the Azure Portal of Microsoft you have to add a new app registration
- In the picture you can see that we have 2 values after that which we can use for the configuration of the app

- Switch to Certificates & Secrets on the left
- You only have to configure a client secret and save the value for the configuration of the app

- Switch to api permissions on the left
- You have to configure application permission (Presence.ReadWrite.All) as shown in the picture
- Grant access to the api permissions, if not possible you have to ask an admin



installation and configuration of the App
Install the App with the Settings App - AP app installer plug-in
Go to the Settings App and open the "AP app installer" plugin. On the right panel, the App Store will be shown. Hint : if you access it for the first time, you will need to accept the "Terms of Use of the innovaphone App Store"
- In the search field located on the top right corner of the store, search for "Connector for microsoft 365" and click on it
- Select the proper firmware version, here "v15" and click on install
- Tick "I accept the terms of use" and continue by clicking on the install yellow button
- Wait until the install has been finished
- Close and open the PBX manager to refresh the list of the available coloured AP plugin
- Click on the "AP microsoft365" and click on " + Add an App"
- The "Name" display name field (all characters allowed) and the "SIP" administration field (no spaces, no capital letters) are prefilled, you can leave them as they are.
- Click OK to save the settings and a green check mark will be shown to inform you that the configuration is good
Add the admin app to a user or a template
To be able to configure the connector app, you need users to have access to the admin app.
You can achieve this by adding the app to a user, or to a template. 
In this Howto - as an example - we will add the app to the Config Admin template. 
- In the Settings App
- select the Templatestile
- click on the Config Admintemplate

- In the Config Admintemplate
- open Apps
- Check the app namecheckbox
- Save the changes

Configure the connector with the admin app
Now your admins (designated groups or configured user) should have access to the connector admin app. 
- A user with access to the app can now see a new tile in the All Apps area
- The name depends on the configured app namefrom the PBX Manager plugin

Synchronization from Teams to the PBX
- First you will need to configure the inbound sync from Teams to PBX
- Configuration
- Master PBX - Set the name of your Master PBX (Not full DNS name, really just only the PBX name) Good: [pbx] Bad: [pbx.domain.tld]
- ClientIDSynctoPbx - Please insert the Application ID (Client ID) from Azure Portal from the in preparation created Teams to PBX app
- TenantSynctoPbx - Please insert the Directory ID (Tenant) from Azure Portal from the in preparation created Teams to PBX app
- Notification URL - You need to specify the address Microsoft can send presence updates to.
- You need to make sure that you define a URL where you can reach your App Platform from the public internet public.dns
- Next you need the domain you have configured in the app instance before (3.2.2) your.domain
- Next you need the name of the instance you have configured before (3.2.2) microsoft365
- The URL will always be terminated by subscriptions- https://public.dns/your.domain/microsoft365/subscriptions
 
 
- You need to make sure that you define a URL where you can reach your App Platform from the public internet 
 
- Manage Teams accounts
- Click on Add Teams account
- Enter username (Azure Portal account in email format)
- Enter password
- Click on the check mark
- Make sure to add an Azure Portal communication user for each 650 user you want to subscribe
 
 
- Configuration
- After successful configuration and subscription, the Microsoft services will connect to the specified Notification URL for presence and line state updates.
- For this to work, it is important to make sure that the specified Notification URL is reachable from the Microsoft services, meaning from the public internet.
It can take up to 10 Minutes until all check marks are green, and the sync is working
Synchronization from the PBX to Teams
- For the outbound synchronization you select from PBX to Teams in the admin app
- ClientIDSynctoTeams - Please insert the Application ID (Client ID) from Azure Portal from the in preparation created PBX to Teams app
- TenantSyncto Teams - Please insert the Directory ID (Tenand) from Azure Portal from the in preparation created PBX to Teams app
- ClientSecretSynctoTeams - Please insert the shared secret from the in preparation created PBX to Teams app

- For the sync direction from PBX to Teams, the app itself needs visibility permissions (presence, on-the-phone) for the users who are should be synced to Teams. The configuration tag is visibility for each user object.
Related Articles
Concept App Service Connector for Microsoft 365
Howto15r1:Configure Calendar Presence Sync by Connector for Microsoft365


