search
Go to mago.io website

Authenticated Calls with Microsoft Teams

hashtag
Setup scenarios

hashtag
Requirements

To enable authenticated calls with Microsoft Teams, the following prerequisites must be met.

1

hashtag
Administrator approval

The "Mago" application must be approved in the Microsoft tenant.

During the first authentication attempt, users will be prompted to sign in with their Microsoft account and grant permissions to the Mago application. Depending on the organization’s security policies, a Microsoft 365 administrator may need to approve the application for the entire organization.

Administrators can review and approve the application from the Microsoft Entra / Azure portal.

The Mago application is distributed through the Azure Marketplace and must be approved before users can authenticate and join meetings using their Teams identity.

Approving the application allows Mago to:

• authenticate users with Microsoft • access meeting information when required • join Teams meetings using the authenticated identity

See Microsoft 365 for the full guide on how to approve the Mago enterprise application.

2

hashtag
Azure Communication Services service principal

Microsoft Teams interoperability for third party applications relies on Azure Communication Services (ACS).

To allow authenticated calls, the Microsoft tenant must contain the Azure Communication Services service principal. This component allows applications to authenticate Teams identities and join meetings through the Microsoft communication APIs.

hashtag
🔍︎ Checking if the Azure Communication Services service principal is installed

An administrator can verify whether the ACS service principal already exists in the tenant.

  1. Sign in to the Microsoft Entra admin center https://entra.microsoft.comarrow-up-right

  2. Navigate to:

    Enterprise Applications → All Applications (Direct link here)arrow-up-right

  3. Clear any filters that may be applied.

  4. In the search field, search for:

    Azure Communication Services

If the application appears in the list, the ACS service principal is already installed and no further action is required.

hashtag
✅ Installing the Azure Communication Services service principal

If the ACS service principal is not present in the tenant, it must be created by an administrator.

hashtag
Step 1. Open PowerShell

Open a PowerShell session with administrative privileges.

hashtag
Step 2. Install the Azure AD module (if not already installed)

hashtag
Step 3. Connect to the Microsoft tenant

Replace TENANT_ID with your tenant ID. Find your tenant ID herearrow-up-right.

A Microsoft authentication window will appear where the administrator must sign in.

hashtag
Step 4. Create the Azure Communication Services service principal

Run the following command:

This registers the Azure Communication Services service principal in the tenant and enables authenticated Teams calls for supported applications.

3

hashtag
Microsoft Teams license

An account with an active Microsoft Teams license is required in order to authenticate and join Teams meetings. The specific license type depends on the organization’s Microsoft 365 subscription.

hashtag
When authentication is not configured

If authentication is not enabled, Mago can still join meetings as a guest participant.

In this scenario:

• the system may enter the meeting lobby • the participant appears as a generic device name • some meeting features may behave differently depending on the host organization’s policies

PreviousAuthenticated CallsNextNetwork requirements

Last updated

Was this helpful?