Setup

1. Create or sign into your Office 365 account

2. Add Hyphen application

Microsoft Cloud Shell Documentation

Open Microsoft Cloud Shell

Execute the following command:

az ad sp create --id d0dee104-994b-4791-b7c8-8699727d45a4

You should see in the response that the verifiedPublisher contains Hyphen AI Inc with id 6875541.

3. Copy your tenant ID

Copy the tenant ID for the Microsoft account you would like to use.

4. Create Hyphen role

In the Microsoft 365 Cloud Shell, enter the following command, replacing ###TENANT_ID### with the tenant ID you copied in the previous step:

az role definition create --role-definition '{
    "Name": "Hyphen",
    "Description": "Create and manage resources via Hyphen",
    "AssignableScopes": [
        "tenants/###TENANT_ID###"
    ],
    "Actions": [
        "Microsoft.Authorization/roleAssignments/write",
        "Microsoft.Authorization/roleAssignments/delete",
        "Microsoft.Authorization/roleAssignments/read",
        "Microsoft.Resources/tenants/read",
        "Microsoft.Resources/tenants/resourceGroups/read",
        "Microsoft.Resources/tenants/resourceGroups/write",
        "Microsoft.Resources/tenants/resourceGroups/delete"
    ],
    "NotActions": [],
    "DataActions": [],
    "NotDataActions": []
}'

5. Assign Hyphen role

In the Microsoft 365 Cloud Shell, enter the following command:

Note: Replace the ##TenantId## with the tenant ID where you will have Hyphen deploy resources.

az role assignment create --assignee  --role "Hyphen" --scope tenants/###TENANT_ID###

6. Grant Hyphen application admin consent

Grant Application Consent Documentation
In the Microsoft 365 Admin Center, search for Hyphen Dev in the search box, and select the Hyphen Enterprise Application.
Go to Security > Permissions.
On the permissions page, click the Grant admin consent for Default Directory button.
Doing so will grant these permissions:
- Directory.Read.All
- Group.Read.All
- User.Read.All

7. Copy and paste your application ID

Go to Overview and copy the Application (client) ID of the Hyphen application.

8. Add Enterprise Application tag

In the Microsoft 365 Cloud Shell, enter the following command, replacing ###APPLICATION_ID### with the ID you copied from the previous step. This will add the Enterprise Application tag to the Hyphen application:
```
az ad sp update --id ###APPLICATION_ID### --set 'tags=["WindowsAzureActiveDirectoryIntegratedApp"]'
```
Note: When browsing the Enterprise Applications Blade, you may need to remove the "Enterprise Applications" filter to see the Hyphen application.

9. Connect Tenant

On the Office 365 Integration page in the Hyphen portal, test and connect the Office 365 integration.

Configuration

Field	Type	Description
`azureTenantId`	`string` (required)	Azure Tenant ID provided by the user for authentication purposes.
`name`	`string`	Display name pulled during integration setup for reference purposes.

Connections

Distribution List

Distribution list connections link to existing Azure Groups or create a new group if none is provided.

When creating a new group, the name will match the Hyphen Organization, Team, Project, App, or Project Environment name.

Configuration

Field	Type	Description
`groupId`	`string`	Unique group ID in Azure, used for reference and future calls.
`groupName`	`string`	Group name in Azure, used for display and future requests.
`emailAddress`	`string`	Group email address in Azure, used for display.

Connection Input

Provide the Azure group ID to connect to an existing Group.

Verification

A verification email will be sent to the group email address to confirm ownership for existing groups.

Access

A Member connection will be added as a member when included in the group.

User

User connections link to existing Azure Users. If no input is provided, the member email will be used to search for an existing User.

Configuration

Field	Type	Description
`userId`	`string`	Unique user ID in Azure.
`email`	`string`	Unique user email in Azure.

Connection Input

Provide the Azure user email to connect to an existing User.