4.20 Federated services via identity providers
If your company uses the services of the identity provider Auth0 or Microsoft Entra ID you can integrate the functionality offered by these providers into SwyxWare.
|
Identity Provider
|
URL to the user documentation
|
|---|---|
|
Auth0
|
|
|
Microsoft Entra ID
|
Functionality
Auth0 and Entra ID support federated authentication. This enables automatic logon to SwyxServer, see 9.2 Authentication for clients.
Federated authentication can only be used by users with the "Premium" or "Professional" feature profile.
If federated authentication is enabled for the server, it is not possible to log in with a Windows user account: Users without a license can only log in with a user name and password.
If federated authentication is enabled for the server, it is not possible to log in with a Windows user account: Users without a license can only log in with a user name and password.
Further functions with Microsoft Entra ID
Contact synchronizationThe contacts of the Entra ID identity that appear in the "relevant" or "working with" person list are considered: Synchronized contacts are used in the resolution of phone numbers to names like private personal phonebook entries.
(Further information on the People API: learn.microsoft.com/en-us/graph/people-insights-overview)
(Further information on the People API: learn.microsoft.com/en-us/graph/people-insights-overview)
Calendar SynchronizationThe availability information for the current and next day is displayed on the contact card in SwyxIt! Classic (e.g. "Free until 13:30. Then booked until 14:30").
Teams Presence SynchronizationThe display of status information ("Logged out", "Reachable", "Speaking", "Do not disturb", "Away") is synchronized with the data from Microsoft Teams. Synchronization can take place in both directions depending on the setting; for more detailed information, see 4.20.1 Microsoft Teams presence synchronization.
Contacts are synchronized hourly for each individual user.
Calendar and Teams presence information is synchronized every 3 to 5 minutes for each individual user.
Under General settings | Federated Services, you can initiate the synchronization of the functions you have activated manually and for all users at the same time. To do this, click on the Start synchronization button above.
Calendar and Teams presence information is synchronized every 3 to 5 minutes for each individual user.
Under General settings | Federated Services, you can initiate the synchronization of the functions you have activated manually and for all users at the same time. To do this, click on the Start synchronization button above.
Requirements:
You must have an account with an identity provider that you can manage yourself.The SwyxWare application must be configured in your identity provider account and have the appropriate authorizations, see 4.20.2 Set up Entra ID for federated services in the Azure portal.All SwyxWare users who are to use federated authentication and any other functions must be configured in the user directory of your identity provider and assigned to the SwyxWare application.
Clients must have direct access to the identity provider service.
Make sure that port 443 is open to the outside.
Make sure that port 443 is open to the outside.
Auth0 only
The Auth0 authentication option must be activated for the SwyxIt! Classic installation.Entra ID - Teams presence only
For the Teams Presence function, the "MS Teams user status" option must be activated during the SwyxServer installation. As a result the corresponding SwyxServer service "SwyxMsTeamsPresenceSync" will be installed. help.enreach.com/cpe/latest.version/Administration/Swyx/en-US/#context/help/run_setup_$
The "MS Teams User Status" feature is not installed by default during the first installation or update.
If the SwyxMsTeamsPresenceSync-Service has not yet been installed, run the SwyxServer installation file again: In the first step, select the Modify option and in the next step, activate the MS Teams User Status function under Telephony. Then run the configuration wizard again.
Configuration in Swyx Control Center:
You need to create an identity provider configuration in Swyx Control Center, see 4.20.3 Create identity provider configuration.The desired identity provider configuration must be activated, see 4.20.4 Activate/delete identity provider configuration.For the desired SwyxWare users with the "Premium" or "Professional" function profile, federated authentication must be activated (via the Allow federated authentication option), see 9.5 Edit authentication settings.The user names (UPN) at the identity provider must correspond to the email addresses of the SwyxWare users. For Teams presence synchronization, the system uses the matching e-mail addresses to identify which network identity the SwyxWare user is assigned to. Make sure that the e-mail address entered in the user configuration matches the e-mail address (name.surname@company.com) of the corresponding identity provider account, see 9.3 Creating Users.
If the Entra ID assignment is activated and the user's UPN changes, the SwyxWare user's e-mail address is updated accordingly.
If the Entra ID assignment is activated and the Entra ID user account is deleted, the corresponding SwyxWare user is also deleted.
This option (Action to be performed when the Entra ID identity is removed) can be changed, see 4.20.6 Edit identity provider configuration.
This option (Action to be performed when the Entra ID identity is removed) can be changed, see 4.20.6 Edit identity provider configuration.