Set up Federated Authentication and bidirectional MS Teams Presence status synchronization in Swyx v14.20 and higher using PowerShell

Jürgen Schnitzler

1. Foreword

With the introduction of federated authentication between Swyx and Microsoft Azure AD, the need arose to grant the service the necessary rights from the Azure Active Directory (AAD). The same is needed for presence status synchronization between MS Teams and Swyx.

To support administrators in performing these actions and to reduce the effort involved, Enreach has developed a PowerShell script that makes the necessary configurations in Azure AD automatically.

 

2. Prerequisites

2.1 Connect to your Azure Active Directory (AAD)

Please make sure you have a stable internet connection to your Azure Active Directory (AAD).

 

2.2 Access rights to your Azure Active Directory (AAD)

The account you use must have administrative rights to your Azure Active Directory (AAD).

 

2.3 PowerShell

Please update your PowerShell environment to version 5.1 or higher.

 

2.4 .NET Framework

Please update your .NET Framework to version 4.7.2 or higher.

 

2.5 PowerShellGet Module

Please update your installed PowerShellGet module with the following command:

Install-Module PowerShellGet -Force

NOTE: You may be prompted to install and import a NuGet provider. Please confirm this request with 'Yes'.

 

2.6 Customize PowerShell Script Execution Policy

Please adjust the policy for executing PowerShell scripts with the following command:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

 

2.7 Installing the Microsoft.Graph PowerShell Module

Please install the Microsoft.Graph PowerShell module required for script execution with the following command:

Install-Module Microsoft.Graph -Scope CurrentUser

Alternatively, refer to "Install the Microsoft Graph PowerShell SDK" (external link) for installation instructions.

NOTE: You will receive a message that the module is from an untrusted repository. Follow the suggested action or confirm this request with 'Yes'.
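
The prerequisites in 2.3 to 2.7 can be verified with a read-only pre-flight check before running the registration script. This is an added example, not part of the Enreach script; the function names New-Check and Test-SwyxScriptPrerequisite are hypothetical, and it assumes the script connects through Microsoft.Graph.Authentication, the Microsoft.Graph component that provides Connect-MgGraph.

```powershell
# Added example (not part of the Enreach script): read-only pre-flight check
# for prerequisites 2.3 to 2.7. Function names are hypothetical.
function New-Check([string]$Name, [bool]$Passed, [string]$Found) {
    [pscustomobject]@{ Check = $Name; Passed = $Passed; Found = $Found }
}

function Test-SwyxScriptPrerequisite {
    # 2.3 PowerShell 5.1 or higher
    $ps = $PSVersionTable.PSVersion
    $psOk = ($ps.Major -gt 5) -or ($ps.Major -eq 5 -and $ps.Minor -ge 1)
    New-Check 'PowerShell >= 5.1' $psOk "$ps"

    # 2.4 .NET Framework 4.7.2 or higher: the Release DWORD is 461808 or above
    $key = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full'
    $release = (Get-ItemProperty -Path $key -Name Release -ErrorAction SilentlyContinue).Release
    New-Check '.NET Framework >= 4.7.2' ($release -ge 461808) "Release=$release"

    # 2.5 and 2.7: modules visible to the current user
    foreach ($name in 'PowerShellGet', 'Microsoft.Graph.Authentication') {
        $m = Get-Module -ListAvailable -Name $name |
            Sort-Object Version -Descending | Select-Object -First 1
        New-Check "Module $name" ($null -ne $m) "$($m.Version)"
    }

    # 2.6 Effective policy; MachinePolicy/UserPolicy (Group Policy) override CurrentUser
    $effective = Get-ExecutionPolicy
    $policyOk = "$effective" -in 'RemoteSigned', 'Unrestricted', 'Bypass'
    New-Check 'Execution policy allows local scripts' $policyOk "$effective"
}

$checks = Test-SwyxScriptPrerequisite
$checks | Format-Table -AutoSize
# Per-scope view: shows which scope sets the effective policy
Get-ExecutionPolicy -List | Format-Table -AutoSize
if ($checks.Passed -contains $false) { Write-Warning 'One or more prerequisites are not met.' }
```

If the execution policy check fails although 2.6 was applied, the per-scope list shows whether a Group Policy scope is overriding the CurrentUser setting.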

 

3. Script execution

The script will guide you through the individual steps of the configuration. Please note that you need some of the information that is displayed during the script run for later configuration in the Swyx Control Center (SCC).

3.1 Step-By-Step

Step 1: Run PowerShell as Administrator

Step 2: Ensure all necessary modules (see Prerequisites) are installed

Step 3: Run the PowerShell script by calling the following command:

.\RegisterAppForAppOnlyAuth.ps1 -AppName "MyOwnAppReg" -GraphScopes "User.Read.All","Calendars.Read","Contacts.Read","People.Read.All","Mail.Send"

NOTE: The value of the -AppName parameter ("MyOwnAppReg") can be chosen freely.

Expected result [Example]:

SUCCESS
Application ID: cb0c33d2-dd42-4145-b802-761a21453d11
Tenant/Domain ID: 0290a166-f33a-4a08-bee8-1eb799527a1d
Client secret: ...
Secret expires: 5/2/2026 7:22:31 AM
OpenID Connect Metadata Document:
https://login.microsoftonline.com/0290a166-f33a-4a08-bee8-1eb799527a1d/v2.0/.well-known/openid-configuration

Step 4: Store the following values for later configuration:

  • Application ID
  • Domain ID
  • Client secret 
  • Meta Document URL

 

3.2 Permission justifications

| Azure AD Right | Short description | Swyx usage |
|---|---|---|
| User.Read.All | Read all users’ full profiles in the organization. | Used for synchronization between Swyx users and Azure accounts |
| Calendars.Read | Read users’ calendars and events. | Used for calendar-based routing rules as well as (optional) user status notification messages |
| Contacts.Read | Read users’ contacts. | Used for user “Private” Azure Phonebook entries |
| People.Read.All | Read the relevant people and relationships for all users. | Used for Swyx “Global” Phonebook entries |
| Mail.Send | Send emails on behalf of the signed-in user. | Used for sending system e-mails with an MS365 account |

 

4. Configuration in Swyx Control Center

Use the stored values to configure the Identity Provider in Swyx Control Center:

  • Application ID
  • Domain ID
  • Client secret 
  • Meta Document URL

For details, refer to the Swyx Control Center Documentation (Chapter 4.20): https://help.enreach.com/controlcenter/14.25/web/Swyx/en-US/#page/help/chap_serverconfiguration.06.29.html
