Wednesday, April 6, 2022

Azure vSBC App Registration for Teams Direct Routing

For virtual SBC to be connected with the M365 Tenant and this will be done via Azure App Registration - Direct Routing SBA - Microsoft Teams | Microsoft Docs

above article shows given the requirement but thought it will be better if someone write about the steps 

It has 4 major steps (Not really major :) )

1. Register the application

2. Set the implicit grant tokens

3. Set the API permissions 

4. Create the client secret

However, for above steps even to start you will required the Azure Tenant Permission after you create the vSBC on it. 

Following screen you will receive if permission is not available when you try to create an app on Azure AD










Permission require: for this question to answer wont be able to find it on above Direct Routing SBA article and it will be mention on this - Quickstart: Register an app in the Microsoft identity platform - Microsoft Entra | Microsoft Docs

Once you have above permission/one of the permission 

Cloud Application/Application administrator or Developer

Access the portal - https://portal.azure.com or https://aad.portal.azure.com 








Create App registration and provide a name for Application. select the account/tenant name and click register.

Redirect url can be optional at this point 




There will be Application (client) ID, Object ID, Directory (tenant) ID will be there. 






Next we will required to add the platform and it is under authentication section. Select authentication and click add platform on that windows will take us to  platform types and we will required to choice web and provide/insert url given in the Microsoft Article provided.


Web option selected in the following step 









make sure check the following options in the implicit grant and hybrid flows and click configure. 















Next will be API Permission 
Go to the API Permission and click add permission.









This take us to REQUEST permission section and it will have following options and we will required to select API my organization uses. 

You will be able to search existing list of which is my org/tenant already have and in use. 

Look for Skype and Teams Tenant Admin API 












Required to provide permission for application in the following section 


Once you add it will shows grant pending permission and it should be grant manually this section itself. 


Next will be Application secret 


Go to the certificates and secrets section and 


Select the New client secret and add the name for the secret and define the expiration period. In my case i added 24 months since my public cert also 12 months renewal. So its good to aware we have some stuffs and expiration while IT folk are in sleep :) 







this will provide the Client Value and Secret ID and which we need for SBC configuration. Following window might be different from Ribbon to AudioCodes however both required Azure App registration for vSBCs.

Classic mistake i did was coping the Secret ID provided below because in Microsoft article says Application (Client ID) and Client secret. 

Following is from Azure App registration. 


I copied the Secret ID (which is wrong) instead of that it should be Value should be copied and thats the client secret.

Thanks to Nathan, he had a chance to work on App registration for another product prior and he was showing the mistake.







No comments:

Post a Comment

Azure vSBC App Registration for Teams Direct Routing (Cont)

Teams SBA registration was showing different errors due to couple reasons and this article share the experience i went through on that.  Thi...