How to set up Permissions for Microsoft Calendar

Airtame Hybrid conferencing processes personal information of the user who authenticates with their personal calendar in order to allow for easy one-click-join of scheduled events from the user’s personal calendar. This information is only stored in memory while the application is running, and is immediately discarded upon termination. The user is able to revoke the permissions by signing out at any time.  

The Airtame Calendar Integration utilizes the below commands in order to pull calendar links.

How to set up calendar permissions

Once a user selects 'Sign in with Microsoft' a browser window pops up asking if the user wants to accept the Airtame Rooms Calendar Integration Application request.  When the request is accepted, a token is granted to the Airtame application allowing for meeting links to be imported.  

• In the Microsoft Admin Center, if allowed, an Administrator can allow for users to consent to applications on their own behalf instead of having to request or being denied access when granting access to their information.  This setting may be located under admin.microsoft.com > Settings > Org settings > Services page, and then select 'User consent to apps'.
  
•  

If there is an Admin Consent Workflow in place which requires users to request the ability to grant access to their information, then a Global Administrator must accept the user's request within the portal.azure.com > Azure Active Directory > Enterprise Applications > Admin Consent Requests

• If the user's attempts to grant access to their calendar are blocked and they cannot request access, this would indicate that the 'Airtame Rooms Calendar Integration App' needs to have access granted on behalf of the organization.  This will enable any user to authenticate with their Microsoft 365 calendar in order to enjoy a seamless call-joining flow.
  • • This may be accessed via portal.azure.com > Azure Active Directory > Enterprise Applications > Airtame Rooms Calendar Integration > Permissions
      
      • Specific API Commands
        • Name and email address - User.read 
        • Calendars - Calendars.read

By default when a user grants access to a 3rd party application, that application has a token validity length of 90 days.  After 90 days users will need to reauthenticate their calendar or the Airtame Application will say "Can't fetch calendar events" and prompt you disconnect, then reconnect the user's calendar.  In order to extend the length of this token past 90 days so users do not have to sign back in this often, an O365 administrator can create a custom policy for a period of their preference.  

• This may be accessed via portal.azure.com > Azure Active Directory > Enterprise Applications > Airtame Rooms Calendar Integration > Conditional Access > New Policy 

• When creating the policy you should assign it to any users who would need to use Airtame Hub.  Under 'Session', you should select '# controls selected', and then the 'Sign-in frequency' check box in order to define the validity length.

Microsoft Reference Documentation

• • Allow Users to Grant Consent
  • Configure Admin Consent Flow
  • Grant Tenant-Wide Admin Consent to an Application
  • Configure authentication session management with Conditional Access