VoIP:VTX VPBX Teams Presence Synchronisation: Difference between revisions
From VTX Public Wiki
(→Azure AD Setup: Create a Client Secret) |
(→Azure AD Setup: Upload VoIP Platform Certificate API) |
||
Line 44: | Line 44: | ||
= Azure AD Setup = |
= Azure AD Setup Part 1 = |
||
== Create an Azure App Registration == |
== Create an Azure App Registration == |
||
Line 59: | Line 58: | ||
## Set App as "Single tenant" access |
## Set App as "Single tenant" access |
||
## Click the "Register" button |
## Click the "Register" button |
||
# Copy the value of '''"Directory (tenant) ID"''' in a notepad that will be required later (n°1) |
# Copy the value of '''"Directory (tenant) ID"''' in a notepad that will be required later (info n°1) |
||
# Copy the value of '''"Application (client) ID"''' in a notepad that will be required later (n°2) |
# Copy the value of '''"Application (client) ID"''' in a notepad that will be required later (info n°2) |
||
Line 88: | Line 87: | ||
## Set '''Expires''' = Maximum 730 days ( 24 months ) |
## Set '''Expires''' = Maximum 730 days ( 24 months ) |
||
## Click the "Add" Button |
## Click the "Add" Button |
||
# Copy now the "Value" of the secret in a notepad and store the value for later use (n°3) |
# Copy now the "Value" of the secret in a notepad and store the value for later use (info n°3) |
||
# Copy also the expiration date of the secret (info n°4) |
|||
Line 94: | Line 94: | ||
<tr><td> |
<tr><td> |
||
[[Image:Azure-AD-App-Registration-Client-Secret-01.png|thumb|1200px|left|Azure AD - App Registration - Client secret Generation]] |
[[Image:Azure-AD-App-Registration-Client-Secret-01.png|thumb|1200px|left|Azure AD - App Registration - Client secret Generation]] |
||
</td> |
|||
</tr> |
|||
</table> |
|||
== Create API user == |
|||
* '''Information''': We need to create an API user that does not require any additional license. We set it up with restricted access to only allow bi-directional Rich Presence Sync for this user |
|||
* '''Problematic''': Create an API user |
|||
* '''Solution''': Follow procedure below |
|||
# Connect to Azure Portal user list https://portal.azure.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers |
|||
# Click the "+ New user" button |
|||
## Set '''User name''' = '''MS365-Presence-Sync @ "YOUR DOMAIN"''' and store information in notepad (info n°5) |
|||
## Set '''Display Name''' = MS365 Presence Sync API User cXXXXX |
|||
## Create and Store Complex Password and store information in notepad (info n°6) |
|||
## Set the user as "Global Reader" for the time being |
|||
<table> |
|||
<tr><td> |
|||
[[Image:Azure-AD-User-API-01.png|thumb|1200px|left|Azure AD - Create User MS365-Presence-Sync]] |
|||
</td> |
|||
</tr> |
|||
</table> |
|||
== Gather all needed information == |
|||
* '''Information''': If you have have followed all steps above, you would have the following information |
|||
** Directory (tenant) ID |
|||
** Application (client) ID |
|||
** Client secret value |
|||
** Client Secret expiry date (optional) |
|||
** API user |
|||
** API user password |
|||
= VTX Kiosk Setup = |
|||
== Enter API Credentials and Get VoIP platform certificate == |
|||
<font color="red">'''This is the section that is not ready yet, in the meantime, we need to exchange the information with VTX with a secure channel'''</font> |
|||
* '''Problematic''': Enter Azure API credentials and get the VoIP Platform certificate to upload in Azure AD |
|||
* '''Solution''': Follow procedure below |
|||
# VTX will send you a secured way to send all the credentials above ( pending to allow you to do it directly in VTX Kiosk Selfcare Portal ) |
|||
# VTX will send you back a certificate to upload in Azure AD for API authentication to be used in next section |
|||
= Azure AD Setup Part 2 = |
|||
== Upload VoIP Platform Certificate API == |
|||
* '''Problematic''': Upload the VoIP Platform API certificate to Azure |
|||
* '''Solution''': Follow procedure below |
|||
# Get the vtx-api-certificate-cXXXXXX.pem from VTX |
|||
# Connect to Azure AD, App Registration like before https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps |
|||
# Go in the setup of "VTX MS365 Presence Sync cxxx" App registration |
|||
# Go in the "Certificate & secrets" |
|||
# Go in the "Certificates" tab |
|||
# Click an Upload Certificate |
|||
## Browse the certificate on your PC retrieved in previous section |
|||
## Add comment "MS Teams Cert from VTX for cXXXXX" |
|||
## Click the "Add" button |
|||
<table> |
|||
<tr><td> |
|||
[[Image:Azure-AD-App-Certificate-01.png|thumb|1200px|left|Azure AD - App registration - Upload API VoIP Certificate]] |
|||
</td> |
</td> |
||
</tr> |
</tr> |
Revision as of 14:21, 28 March 2023
With VTX VPBX Teams Presence Synchronisation, you can use the best of both VTX VPBX and MS Teams features syncing the "Rich Presence" status between Teams and VTX VPBX. I.e it means that call status and presence status ( "busy", "in a meeting", "presenting", "do not disturb") status are sync bidirectionally.
This feature could be used with or without the combination of VTX Teams Virtual service.
Introduction[edit | edit source]
- History: Since the upgrade of VTX VoIP platform to version 7 in late 2022, VTX VoIP platform does have an OpenAPI interface that allows to interact with other external tools. An a dedicated integrated framework has been developed to easily sync VTX and Teams Rich Presence
- How it works: We do have VTX and Teams APIs talking to each other to exchange real time information about presence status. A restricted API account needs to be created on both platforms to have them being able to talk to each other. Then, we only have to link each VPBX user with his Teams Email address to start the presence sync.
- What does it do : Sync VTX/Teams Rich Presence status in real time. Allowing not to be bothered by a Teams Call when on a "normal" VoIP call, or the other way around. Here are a few simple use cases
- Teams->C5: Be visible as "presenting" on VoIP platform while sharing screen in a Teams Call
- Teams->C5: Be visible as "in a meeting" on VoIP plarform while in a Teams Meeting in calendar
- C5->Teams: Be seen as busy in Teams while on the "normal" phone
Setup Process Overview[edit | edit source]
Here is the process that will allow you to setup the service
- Follow requirements below VoIP:VTX VPBX Teams Presence Synchronisation#Requirements
- Perform Azure AD setup ( create Application + API User + Certificate )
- Perform VTX C5 Setup ( Link Credentials + Certificate)
- Setup VTX/Teams User mapping
"VTX VPBX Teams Presence Synchronisation" value added features[edit | edit source]
- Sync Rich Presence Status between VTX VPBX and MS Teams to benefit from both world without being visible as available when it is not the case
Requirements[edit | edit source]
You will find below all the needed requirements to use VTX VPBX Teams Presence Synchronisation Service
- a VTX VPBX Service
- A Microsoft 365 domain and accounts
- A Microsoft Azure Portal Admin account
Azure AD Setup Part 1[edit | edit source]
Create an Azure App Registration[edit | edit source]
- Problematic: We would like to create an Azure App Registration named "VTX MS365 Presence Sync" to sync VoIP Platform and Azure ( that we will restrict to presence status sync only afterwards)
- Solution: Follow procedure below
- Connect to https://portal.azure.com/ with an Admin Account of the domain you wish to sync presence status with the VoIP platform
- Select the "Azure Active Directory" service in the list ( if not visible, click on the "More service" option or search for it )
- Open the "App registrations" and create a new Registration in https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps
- Name = "VTX MS365 Presence Sync c<CUSTOMERNUMBER>" ( ex: "VTX MS365 Presence Sync c429080" because 429080 is my VTX Test customer number)
- Set App as "Single tenant" access
- Click the "Register" button
- Copy the value of "Directory (tenant) ID" in a notepad that will be required later (info n°1)
- Copy the value of "Application (client) ID" in a notepad that will be required later (info n°2)
Create a Client Secret[edit | edit source]
The value if the secret only appears twice, you will need to create a new secret if you loose it |
The secret is valid for a mixed amount of time, API authentication will fail once it expires, so you will need to create a new one and push it in VTX Kiosk menu on renewal. |
- Information: To authenticate an access to the App, we 1st create a "secret" key, we will create a certificate to enhance security even more in next sections
- Problematic: Within the "VTX MS365 Presence Sync" App, create a "Client secret"
- Solution: Follow procedure below
- Within the "VTX MS365 Presence Sync cXXXXX" app, go in the Certificates & secrets menu
- Go in the "Client secrets" Tab
- Click on "+ New client secret"
- Set Description = "MS365 Presence Client Secret cXXXXX"
- Set Expires = Maximum 730 days ( 24 months )
- Click the "Add" Button
- Copy now the "Value" of the secret in a notepad and store the value for later use (info n°3)
- Copy also the expiration date of the secret (info n°4)
Create API user[edit | edit source]
- Information: We need to create an API user that does not require any additional license. We set it up with restricted access to only allow bi-directional Rich Presence Sync for this user
- Problematic: Create an API user
- Solution: Follow procedure below
- Connect to Azure Portal user list https://portal.azure.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers
- Click the "+ New user" button
- Set User name = MS365-Presence-Sync @ "YOUR DOMAIN" and store information in notepad (info n°5)
- Set Display Name = MS365 Presence Sync API User cXXXXX
- Create and Store Complex Password and store information in notepad (info n°6)
- Set the user as "Global Reader" for the time being
Gather all needed information[edit | edit source]
- Information: If you have have followed all steps above, you would have the following information
- Directory (tenant) ID
- Application (client) ID
- Client secret value
- Client Secret expiry date (optional)
- API user
- API user password
VTX Kiosk Setup[edit | edit source]
Enter API Credentials and Get VoIP platform certificate[edit | edit source]
This is the section that is not ready yet, in the meantime, we need to exchange the information with VTX with a secure channel
- Problematic: Enter Azure API credentials and get the VoIP Platform certificate to upload in Azure AD
- Solution: Follow procedure below
- VTX will send you a secured way to send all the credentials above ( pending to allow you to do it directly in VTX Kiosk Selfcare Portal )
- VTX will send you back a certificate to upload in Azure AD for API authentication to be used in next section
Azure AD Setup Part 2[edit | edit source]
Upload VoIP Platform Certificate API[edit | edit source]
- Problematic: Upload the VoIP Platform API certificate to Azure
- Solution: Follow procedure below
- Get the vtx-api-certificate-cXXXXXX.pem from VTX
- Connect to Azure AD, App Registration like before https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps
- Go in the setup of "VTX MS365 Presence Sync cxxx" App registration
- Go in the "Certificate & secrets"
- Go in the "Certificates" tab
- Click an Upload Certificate
- Browse the certificate on your PC retrieved in previous section
- Add comment "MS Teams Cert from VTX for cXXXXX"
- Click the "Add" button