VoIP:VTX VPBX Teams Presence Synchronisation: Difference between revisions

From VTX Public Wiki

(Rich Presence Mapping Teams / VoIP Platform)
m (Text replacement - "Synchronization" to "Synchronisation")
Tag: Manual revert
 
(3 intermediate revisions by the same user not shown)
(No difference)

Latest revision as of 10:38, 21 May 2024

With VTX VPBX Teams Presence Synchronisation, you can use the best of both VTX VPBX and MS Teams features syncing the "Rich Presence" status between Teams and VTX VPBX. I.e it means that call status and presence status ( "busy", "in a meeting", "presenting", "do not disturb") status are sync bidirectionally.

This feature could be used with or without the combination of VTX Teams Virtual service.


Introduction[edit | edit source]

  • History: Since the upgrade of VTX VoIP platform to version 7 in late 2022, VTX VoIP platform does have an OpenAPI interface that allows to interact with other external tools. An a dedicated integrated framework has been developed to easily sync VTX and Teams Rich Presence
  • How it works: We do have VTX and Teams APIs talking to each other to exchange real time information about presence status. A restricted API account needs to be created on both platforms to have them being able to talk to each other. Then, we only have to link each VPBX user with his Teams Email address to start the presence sync.
  • What does it do : Sync VTX/Teams Rich Presence status in real time. Allowing not to be bothered by a Teams Call when on a "normal" VoIP call, or the other way around. Here are a few simple use cases
  1. Teams->C5: Be visible as "presenting" on VoIP platform while sharing screen in a Teams Call
  2. Teams->C5: Be visible as "in a meeting" on VoIP plarform while in a Teams Meeting in calendar
  3. C5->Teams: Be seen as busy in Teams while on the "normal" phone


Setup Process Overview[edit | edit source]

Here is the process that will allow you to setup the service

  1. Follow requirements below VoIP:VTX VPBX Teams Presence Synchronisation#Requirements
  2. Perform Azure AD setup ( create Application + API User + Certificate )
  3. Perform VTX C5 Setup ( Link Credentials + Certificate)
  4. Setup VTX/Teams User mapping


"VTX VPBX Teams Presence Synchronisation" value added features[edit | edit source]

  • Sync Rich Presence Status between VTX VPBX and MS Teams to benefit from both world without being visible as available when it is not the case



Requirements[edit | edit source]

You will find below all the needed requirements to use VTX VPBX Teams Presence Synchronisation Service

  1. a VTX VPBX Service
  2. A Microsoft 365 domain and accounts
  3. A Microsoft Azure Portal Admin account


Azure AD Setup Part 1[edit | edit source]

Create an Azure App Registration[edit | edit source]

  • Problematic: We would like to create an Azure App Registration named "VTX MS365 Presence Sync" to sync VoIP Platform and Azure ( that we will restrict to presence status sync only afterwards)
  • Solution: Follow procedure below
  1. Connect to https://portal.azure.com/ with an Admin Account of the domain you wish to sync presence status with the VoIP platform
  2. Select the "Azure Active Directory" service in the list ( if not visible, click on the "More service" option or search for it )
  3. Open the "App registrations" and create a new Registration in https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps
    1. Name = "VTX MS365 Presence Sync c<CUSTOMERNUMBER>" ( ex: "VTX MS365 Presence Sync c429080" because 429080 is my VTX Test customer number)
    2. Set App as "Single tenant" access
    3. Click the "Register" button
  4. Copy the value of "Directory (tenant) ID" in a notepad that will be required later (info n°1)
  5. Copy the value of "Application (client) ID" in a notepad that will be required later (info n°2)


Azure AD - App Registration - Create App
Azure AD - App Registration - Copy Directory and APP Id


Create a Client Secret[edit | edit source]


  • Information: To authenticate an access to the App, we 1st create a "secret" key, we will create a certificate to enhance security even more in next sections
  • Problematic: Within the "VTX MS365 Presence Sync" App, create a "Client secret"
  • Solution: Follow procedure below
  1. Within the "VTX MS365 Presence Sync cXXXXX" app, go in the Certificates & secrets menu
  2. Go in the "Client secrets" Tab
  3. Click on "+ New client secret"
    1. Set Description = "MS365 Presence Client Secret cXXXXX"
    2. Set Expires = Maximum 730 days ( 24 months )
    3. Click the "Add" Button
  4. Copy now the "Value" of the secret in a notepad and store the value for later use (info n°3)
  5. Copy also the expiration date of the secret (info n°4)


Azure AD - App Registration - Client secret Generation


Create API user MS365-Presence-Sync-cXXXXX[edit | edit source]

  • Information: We need to create an API user that does not require any additional license. We set it up with restricted access to only allow bi-directional Rich Presence Sync for this user
  • Problematic: Create an API user
  • Solution: Follow procedure below
  1. Connect to Azure Portal user list https://portal.azure.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers
  2. Click the "+ New user" button
    1. Set User name = MS365-Presence-Sync-cXXXXX @ "YOUR DOMAIN" and store information in notepad (info n°5). NB: The "DOMAIN" should be the same as the Teams user you wish to sync presence for
    2. Set Display Name = MS365 Presence Sync API User cXXXXX
    3. Create and Store Complex Password and store information in notepad (info n°6)
    4. Set the user as "Global Reader" for the time being
Azure AD - Create User MS365-Presence-Sync



API Authentication - Allow public client flows[edit | edit source]

  • Problematic: We need to allow public access to the App Registration "VTX MS365 Presence Sync" to be able to access it from the VTX VoIP platform
  • Solution: Follow procedure below
  1. Go back in the app registration https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps
  2. Select "VTX MS365 Presence Sync cXXXXX" app
  3. Go in "Authentication" menu
  4. In "Advanced settings", set "Allow public client flows" = Yes
  5. Click the "Save" button
Azure AD - Allow public client flows


API Permissions - All access to Presence Information in Read/Write mode[edit | edit source]

  • Problematic: We need to restrict the app API permissions to Read/Write mode to presence data only
  • Solution: Follow procedure below
  1. Go back in the app registration https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps
  2. Select "VTX MS365 Presence Sync cXXXXX" app
  3. Go in the "API permissions" menu
  4. Delete the "User.Read" default permission that is not needed
  5. Click the "Add a permission" button
    1. Select "Microsoft Graph"
    2. Select "Delegated permissions"
    3. Search and enable the permission "Presence.Read.All"
    4. Click the "Add permissions" button
  6. Click the "Add a permission" button
    1. Select "Microsoft Graph"
    2. Select "Application permissions"
    3. Search and enable the permission "User.Read.All" and "Presence.ReadWrite.All"
    4. Click the "Add permissions" button
  7. Click the "Grant admin consent" in which you all the app to have access to this presence data
  8. If all OK, it should be setup like the screenshot below
Azure AD - App Registration API Permissions

Gather all needed information[edit | edit source]

  • Information: If you have have followed all steps above, you would have the following information
    • Directory (tenant) ID
    • Application (client) ID
    • Client secret value
    • Client Secret expiry date (optional)
    • API user
    • API user password

VTX Kiosk Setup[edit | edit source]

Enter API Credentials and Get VoIP platform certificate[edit | edit source]

This is the section that is not ready yet, in the meantime, we need to exchange the information with VTX with a secure channel

  • Problematic: Enter Azure API credentials and get the VoIP Platform certificate to upload in Azure AD
  • Solution: Follow procedure below
  1. VTX will send you a secured way to send all the credentials above ( pending to allow you to do it directly in VTX Kiosk Selfcare Portal )
  2. VTX will send you back a certificate to upload in Azure AD for API authentication to be used in next section


Add Mapping Between Phone Users and Teams Email[edit | edit source]

  • Problematic: Now that the global API sync is in place, we need a mapping between the Phone Number and the Teams Email Address
  • Problem: It is not possible to set this from Kiosk Yet
  • Workaround: In the meantime, please provide a table to VTX with the list of Teams users and their VTX VoIP number in order to setup the mapping on VTX side


Azure AD Setup Part 2[edit | edit source]

Upload VoIP Platform Certificate API[edit | edit source]

  • Problematic: Upload the VoIP Platform API certificate to Azure
  • Solution: Follow procedure below
  1. Get the vtx-api-certificate-cXXXXXX.pem from VTX
  2. Connect to Azure AD, App Registration like before https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps
  3. Go in the setup of "VTX MS365 Presence Sync cxxx" App registration
  4. Go in the "Certificate & secrets"
  5. Go in the "Certificates" tab
  6. Click an Upload Certificate
    1. Browse the certificate on your PC retrieved in previous section
    2. Add comment "MS Teams Cert from VTX for cXXXXX"
    3. Click the "Add" button
Azure AD - App registration - Upload API VoIP Certificate


Rich Presence Mapping Teams / VoIP Platform[edit | edit source]


  • Information: The Rich Presence Write Permissions are really restricted on MS365. It means that we can map any Teams Presence to anything on the VoIP platform, but on the other direction, from VTX -> Teams, we can only set "Available" and "Away" status


Microsoft vs VTX VoIP Platform Rich Presence Mapping

MS365 activity VTX VoIP Platform

Rich presence Activity

Be right back -> On Break
Away -> Away
Off work -> Away
Offline -> Away
Do not disturb -> Do Not Disturb
Busy (Meeting) -> In a Meeting
Busy (Time blocker) -> In a Meeting
Out of office -> Out of Office
Away <- Away
Away <- On Break
Away <- Do Not Disturb
Away <- Out of Office
Away <- Vacation
Away <- Sick Leave