Adding the Teams Tokens and Permissions

This article will provide a walkthrough of adding the needed tokens, permissions and secrets for the Team Integration.

This process will take place after the Phone System and other integrations such as our 1Stream connection (if applicable) have been provisioned and setup. To start the integration process, please be logged into the bvoip portal and have your Azure application with administrative access open. 

• Setting the Tokens
• Granting Permissions and Secrets

Setting the Tokens

1. Log into the Azure Active Directory Portal in a separate browser.
2. Select the Azure Active Directory option.
3. Go to the App Registrations section.
   
4. Click on New Registration. 
   
5. In the Name field, input bvoip-msteams-integration.
6. Go to the Supported Account Types section.
7. Select the Accounts in this Organizational Directory Only option.
8. Go to the Redirect URL section.
9. Select Web in the drop-down. 
10. In the textbox beside the web drop-down, input the redirect URI from the bvoip phone system.
11. Click the Register button.
    

Granting Permissions and Secrets

1.  In Azure, go to the API Permissions section.
   
2. Click Add a Permission.
3. Go to the Microsoft APIs section.
4. Select the Application Permissions option at the Request API Permissions prompt.
5. Click the Microsoft Graph icon. You will then be able to add the following permissions:
   1. Under the User subsection:
      1. User.Read
      2. User.Read.All
      3. UserReadWrite.All
   2. Under the Domain subsection:
      1. Domain.ReadWrite.All
      2. Domain.Read                                                                 
   3. Under the Calendars subsection:
      1. Calendars.Read
   4. Under the Mail subsection:
      1. Mail.Send
   5. Under the Contacts subsection:
      1. Contacts.Read
6. Click on the Add Permissions button.
   
7. Click on Grant Admin Content. A confirmation pop-up will appear.
8. Click on Yes to confirm Permissions.
9. Navigate to the Certificates and Secrets section. 
10. Go to the Client Secrets tab.
11. Click on the New Client Secret button.
    
12. Go to the Client Secrets tab.
13. Click on New Client Secret button. The Add Client Secret side menu will then appear.
14. In the Description field, type in PBX Secret.
15. In the Expires field, select 24 months. 
16. Click the Add button. The Client Secret will then be listed under the value column.
17. Copy the Value shown under the Value column into a notepad.
18. Go back to the bvoip Phone System.
19. Go to the Integrations menu.
    
20. Select the Microsoft 365 option.
21. Go to the Configure tab.
22. Click on the Generate New Key Pair button. A certificate will then be downloaded to your device.
    
23. In Azure, go to the Certifications and Secrets section. 
24. Select the Certificates tab.
25. Click on the Upload Certificate button. A pop-up window will appear to upload the downloaded certificate. 
26. Click the Add button.
27. Go to the Overview section in Azure. 
28. Copy the Directory (Tenant) ID and paste it into a notepad. 
29. Copy the Application (Client) ID and paste it into a notepad.
30. Go back into the bvoip phone system. 
31. Paste the Secret Value, Application and Directory IDs into their correlating fields. 
32. Click on the Save Changes button. 
33. Click on the Log into Microsoft 365 button. You will then be prompted to log into Azure as the main administrator and accept the permissions request. 

After the above has been completed, then there are two paths to be taken, depending on if you are completing the Teams or Microsoft 365 integration.