Create App Registration Automatically using Invitation Wizard

An App registration for securing the connection between Live Platform and the customer M365 Azure tenant platform can be created automatically using the Invitation wizard. The wizard is triggered through an Authentication URL link sent in an email to either your M365 Live Platform admin user account or to the customer M365 admin user account. If you create the registration on behalf of the customer then they must provide you with the credentials of their M365 Global admin user Principal Name (UPN). You can also trigger the Invitation wizard by copying the Authentication URL from the Pending Invitations page in the Multitenant portal. This process additionally creates an Enterprise application with Delegated Token authentication required for adding the Application registration. You can remove this application once the Application Registration has been successfully created. The name of the application is <LivePlatform_servername>-<ServiceProvider_name>-token. For example, 'Sandbox1-sp2-token'.

Ensure that the Application Administrator admin role is assigned to the customer tenant M365 admin (User Principal Name-UPN) that you configure in the step below.

Do the following:
1. Login to the customer Live Platform Operation Center with your Live Platform admin user.
2. In the Services page, from the Add Service drop-down, select Direct Routing.

3. Choose the relevant customer and then click Select.

4. Enter the Commercial information and then click Add Service (see Enabling Commercial Information for Services).

5. Click Add New Tenant.

6. Enter Full Name of Service – Free Text.
7. Enter a unique Short Name for the service complying with the following rules:
The string should be 3-15 characters long
The following characters cannot be used: \ / : * ? " < > |audit
The string can contain letters (lower/UPPER case), numbers and special characters are allowed, however cannot contain the dot (.) or blank spaces.
The string should be a unique name per service
8. Select the relevant license type Hosted Essentials+ or Hosted Pro.
9. Enter the number of licensed users. A maximum of 500 users can be configured per service.
10. Select option Send link to IT administrator for authentication,enter the email address of either your Live Platform M365 account or the customer M365 Global admin user Principal Name (UPN) account, and then click Next. A email confirmation dialog is displayed; close it. An email link similar to the following is sent to the designated account. When Click here to activate your tenant is clicked, the Invitation wizard is displayed.

a. You can alternatively access the authentication URL invitation from the Pending Invitations page (MonitoringService Pending Invitations).

b. Click Auth URL link, copy the URL and paste it in your browser.

If the email has not been received, verify that the 'Email Sent' field is true (see Pending Invitations) and also check the email settings (see Configuring Email Settings).

11. Click Create New App Registration.
12. Enter the customer M365 Global admin user (User Principal Name-UPN) with Application Administrator permissions, and then click Start Authentication.

13. Do one of the following:
Copy the code and then click the URL link below it.
Click Copy code and open page in new tab.

14. Click Next or enter code if you clicked the ....device/login link above.

15. Enter the credentials of the customer M365 Global admin user (User Principal Name-UPN) and then click Continue. Follow the prompts to authenticate your account using Microsoft Authenticator if required.
16. A confirmation message is displayed; close the dialog. Another confirmation message is displayed that the connection has been successfully established; click Next step.

17. Enter the name of the Application Registration complying with the following rules, and then click Start Provisioning.
The string should be 3-15 characters long
The following characters cannot be used: \ / : * ? " < > |audit
The string can contain letters (lower/UPPER case), numbers and special characters are allowed, however cannot contain the dot (.) or blank spaces.
Define a unique name per service

18. At the end of the process, the following confirmation message is displayed; close the page.

19. Do one of the following:
a. Verify in the Multitenant portal Pending Invitations page (Monitoring > Service > Pending Invitations) that the connection is authenticated; verify that the 'Device Authenticated value' is true and then click Add.

b. Open the Direct Routing Onboarding wizard (Services page, Add Service menu Add ServiceTeams: Direct Routing).

i. Click Pending Invitations, verify status is Authentication Complete and then click Add adjacent to the relevant Customer ID.

20. Click Pending Invitations, verify that status is Authentication Complete and then click Add adjacent to the relevant Customer ID.

The details of the new App registration are displayed.

21. Click Next; the App registration credentials are authenticated and then the Onboarding wizard opens.

22. Complete the Onboarding wizard to create the service (see Onboarding with Hosted Essentials + and Onboarding with Hosted Pro).