Azure

Azure AD can be configured to automatically provision phone directories within NEONNOW. In addition, if those users are Microsoft Teams users, NEONNOW can surface the user status (presence) of the Teams users.

info

It is assumed the user has a level of proficiency with Azure AD.

The following are a list of pre-requisites for this integration:

NEONNOW Admin Access – to configure the new NEONNOW directory
Azure Portal admin access – to configure a new enterprise application to to grant permission to the NEONNOW application if presence sync required.
Azure Portal user & group setup – an Azure AD security group (user group) should be set up, that your users are members off.
All users that will be ingested should have a valid E164 phone number configured – note – this phone number field should have any spaces removed to ensure the Call History search functions correctly in NEONNOW

Adding a New External Directory

Once the pre-requisites are complete, to add a new Directory click the Add Directory button on the Contact Centre > Customise > Integrations > External Directories page. If you have not added any other external directories, this button will be in the middle of the page, otherwise, the top right as per the screenshot below.

External directories list

External directories list page in admin

New Directory Setup

Enter a meaningful name & select Azure Active Directory then select Next Step:

Create directory step 1

Take a note of the security token (save it somewhere secure) that is displayed and expand SCIM Configuration and save the base URL. You will need these later in the setup (but you can come back to it). Then, select the Next Step option.

Create directory step 2

With Teams Presence

Select Sync Presence
Select the Sign In to Microsoft Azure with admin privileges
Select Accept on the Azure AD auth window. Once access is granted, you will be redirected back to the NEONNOW Wizard. Click Finish.

Create directory step 3

Azure access request

Without Teams Presence

Simply select Don't Sync Presence and click Finish.

Setup On Azure

Now the NEONNOW configure is complete, it is time to configure the SCIM application in the Microsoft Azure Portal.

Creating the Application

Sign in to the Azure portal.
Browse to Azure Active Directory > Enterprise applications.
A list of all configured apps is shown, including apps that were added from the gallery.
Select + New application > + Create your own application.
Enter a name for your application, choose the option “integrate any other application you don't find in the gallery” and select Add to create an app object. The new app is added to the list of enterprise applications and opens to its app management screen. Name the application something like NEONNOW_SCIM.

Azure create application

Creating a new application in Azure AD

Setting Up The App

In the app management screen, select Provisioning in the left panel.
In the Provisioning Mode menu, select Automatic.
Enter the provisioning URL and token that you saved from NEONNOW Admin, and click Test Connection. Per below this should return a success.
Click Save.

Azure create application Configuring application provisioning settings in the Azure portal

SCIM Attribute Mappings

Expand Mappings, then select Provision Azure Active Directory Users:

Azure app mappings expanded

Configure the SCIM mappings as per the below: Note. you can utilise a separate phone number field if required

Azure application scim mappings

You can also reference the NEONNOW mappings in the directory wizard screen, which contains the following information:

Azure AD User Property	Azure AD Attribute	SCIM Attribute
User principal name	userPrincipalName Required string	userName
Object ID	objectId Required string	externalld
Business phone or Mobile phone	telephoneNumber or mobile Optional E164 string	phoneNumbers[type eq "work"].value
First Name	givenName Optional (surname provided) string	name.givenName
Last Name	surname Optional (given name provided) string	name.familyName
Email	mail Optional string	emails[type eq "work"].value
Title	jobTitle Optional string	title

Once the mapping is complete, it's time to assign users and start provisioning. From the screen below, click Add user/group to add users (or better, a group).

Azure application users and groups

To enable provisioning, click Start Provisioning

Azure application summary

Once the initial cycle has started, you can select Provisioning logs in the left panel to monitor progress, which shows all actions done by the provisioning service on your app. For more information on how to read the Azure AD provisioning logs, see Reporting on automatic user account provisioning.

Revoking Azure Access for Teams Presence

On step 3 of the Azure AD Teams directory wizard, access is granted to your Azure Tenant from our NEONNOW centralised Enterprise Application. To remove/revoke access, two actions must be taken:

Select Remove Access to Azure on page 3 of the admin external directory wizard above
Sign in to your Azure AD, and navigate to Enterprise Application. Find the application <ProductName />, then select Properties > Delete in the top title bar.

External Directory Contacts in NEONNOW

External contacts should now load in the Organisation tab of Directory within NEONNOW. Selecting a contact avatar will display more information about the contact, including the current status (presence) of the external user in Teams.

info

You may need to reload NEONNOW if the directory did not exist when it was first loaded.

contact overlay

More information about a contact, including teams presence

Adding a New External Directory​

New Directory Setup​

With Teams Presence​

Without Teams Presence​

Setup On Azure​

Creating the Application​

Setting Up The App​

SCIM Attribute Mappings​

Revoking Azure Access for Teams Presence​

External Directory Contacts in NEONNOW​