Run Invitation wizard using Application Registration

This procedure describes how to create a new Application registration connection between Live Platform and the customer M365 Azure tenant platform using the Invitation wizard. Once created, you can use the same registration to add additional Direct Routing services to your customer. A new secret should be created for each new service.

Once you create the initial registration, you can then use the credentials of this registration to add additional services using the following methods:

■

Send email link to Invitation wizard: Secure Connection using Existing Registration with Email Link

■

Enter Application (Client) ID and secret of the Application Registration directly from the Onboarding wizard: Use Existing Application Registration

➢

Do the following:

1.

Login to the customer Azure tenant portal with Application Administrator permissions.

2.

In the Services page from the Add Service drop-down, select Direct Routing.

3.

Choose the relevant customer.

4.

Enter Full Name of Service – Free Text.

5.

Enter Unique Short Name of Service - Define a unique name for the new service.

The name should comply with the following rules:

●

The string should be 3-15 characters long

●

The following characters cannot be used: \ / : * ? " < > |audit

●

Can contain letters (lower/UPPER case), Numbers and special characters are allowed, however cannot contain the dot (.) or blank spaces.

●

Unique name per Service

6.

Select the relevant license type Hosted Essentials+ or Hosted Pro license Type.

7.

Select the number of licensed users. A maximum of 500 users can be configured per service.

8.

Select the check box Send link to IT administrator for authentication, enter the email address of the Tenant service admin, and the click Next.

9.

In the Multitenant, open the Pending Invitations page (Monitoring > Service > Pending Invitations).

10.

Click Auth URL link, copy the URL and paste it in your browser.

An email similar to the following is sent to the customer tenant admin.

11.

Click Click here to activate your tenant.

The Invitation wizard is displayed.

12.

Do one of the following:

●

Create a New App Registration

13.

Click Create New App Registration.

14.

Enter the M365 admin user User Principal Name (UPN) (Application Administrator role or higher) to create the App Registration for securing the connection.

15.

Do one of the following:

●

Copy the code and then click the URL link below it.

●

Click Copy code and open page in new tab.

16.

Click Next or enter code if you clicked the ....device/login link above.

17.

Enter credentials of the Admin account of the M365 tenant.

18.

Click Continue.

19.

Close the dialog. A confirmation message is displayed that the connection has been successfully established.

20.

Enter the name of the Application Registration. The name should comply with the following rules:

●

The string should be 3-15 characters long

●

The following characters cannot be used: \ / : * ? " < > |audit

●

Can contain letters (lower/UPPER case), Numbers and special characters are allowed, however cannot contain the dot (.) or blank spaces.

●

Unique name per Service (check regarding )

21.

Open the Onboarding wizard (Direct Routing > Add Service).

22.

Click Pending Invitations.

23.

Click Add. Notice that the new registration details are displayed.

24.

Click Next. The tenant credentials are validated.

25.

Click Next.

26.

Complete the Onboarding wizard for the creation of the service (see Onboarding with Hosted Essentials + and Onboarding with Hosted Pro).

27.

Open the Service portal for the new service (Direct Routing > Edit Service).

28.

Navigate to the Microsoft 365 Settings page (Configuration > M365 Configuration).

29.

If you created a QOE application registration for enabling QOE Integration with Microsoft Teams, enter the details of the Application registration (see Add Microsoft Teams Connection (Direct Routing).

30.

Click Validate Authentication to validate the credentials of the tenant service with the App Registration. The Client Secret Days Until Expire value is displayed once the secret has been set for the first time.

31.

Open the Azure portal and in the Navigation pane, select App Registrations.

32.

Search for your new Token Application Registration, and then in the Navigation pane, select Manage > API permissions. View the new permissions created by the automatic script.

33.

Remove all of the above permissions as they are not required .

34.

If you wish to create additional service using the same registration, you must generate a separate additional Client secret. In the Navigation pane, select Manage > Certificates & Secrets.

35.

Click New client secret.

36.

Copy the secret value to notepad.

37.

In the search box in the Menu bar, type Microsoft Entra Roles and administrators.

38.

Search for the specific roles to add or remove according to the table above.