Microsoft Online Device Registration with OAuth 2.0 via 3rd party Azure application ID

April 26th, 2019 | Tags:

Yesterday Microsoft published a blog article, which announced their plans to revoke support for the existing Azure application ID leveraged by their 3rd party device vendors.

The existing application ID is embedded within each respective device firmware and today this is pointed at an Azure application hosted within Microsoft’s tenant. Microsoft’s goal here is for each respective device vendor to deploy their own Azure application with the permissions required for the device to register to Azure Active Directory.

The change from a device standpoint is a simple one and speaking from a Poly perspective, my employer, we’ve tested this across our VVX, Trio and Group Series lines of product. However…once this change is implemented within our firmware it requires that the customer or specifically the customer’s administrator, performs a tenant-wide consent as our Azure application is not whitelisted like Microsoft’s.

This consent would grant the Poly Azure application with the rights required to perform authentication on behalf of the device against the respective customer’s Azure Active Directory.

Full list of rights can be seen below:

I will update this post as soon as Poly have a date for each respective device firmware, but rest assured our friends at Microsoft won’t pull the plug on the existing application ID until this transition is completed.

In the meantime for those that want to be ahead of the curve the Poly consent URL is here.

Timelines for updates below, please note these are targets and could be subject to change. Also note: prior to upgrading to these releases online customers must perform the consent via the URL above.

Device nameSoftware VersionTimeline
VVX Phones5.9.3Mid-May
Poly Trio5.9.0 Rev ABMid-May
Group Series6.2.1.1Mid-June