Assign account permissions

The first step is to assign account permissions to the service account to allow it to provide Rooms access to the calendars. The permissions required are presented somewhat differently in the Azure Active Directory views. These are the permissions Rooms needs to function as seen from the Azure Active Directory:

The service account needs the corresponding permissions to be able to access the calendars as Rooms.

To do this, we do the following:

  1. Open up the Microsoft Azure admin portal as a Global Administrator: https://portal.azure.com/

2. Open the Azure Active Directory service page

3. From the Users panel select the new service account. You’ll be using an existing user in your O365 tenant.

4. In the Assigned roles view add the following assignments - note it typically takes a few seconds for an assigned attribute to appear as set:

  1. Attribute assignment administrator

  2. Attribute assignment reader

  3. Cloud application administrator

  4. Reports reader

Delegate access to the service account

  1. Navigate to Exchange in the admin center

https://admin.microsoft.com/Adminportal/Home?source=applauncher#/users#%2F

2. Find the room to be managed by Envoy Rooms and Click the pen icon to edit the resource

3. Add the service account to Full Access by clicking the + button

4. Connect your account to Envoy

Setting up Envoy Rooms on the Dashboard

Note: In our testing, the Delegate Access took 2 days to propagate on Microsoft Exchange.

  1. Connect the service account to Envoy Rooms

Here are the permissions we ask for when using this method:

Please make sure you log in as the service account before clicking this link on the Dashboard.

Note: Rooms can take 24-48 hours to populate with this method of connection.

Did this answer your question?