Hello,
There are multiple ways to authenticate the VoIP phone. I did this by using certificates or username/password (EAP-PEAP) combination. It depends on the 802.1x authentication methods the phone supports. I don't know the specifics from Avaya and/or if you can use a central management platform to push the authentication parameters.
Are you using downloadable user-roles on the switches with ClearPass, or do you configure the user-roles locally on the switch? Could you maybe provide some configuration snippets from the switch regarding AAA and the enforcement profiles on CPPM.
"Normally" you need to configure a role which places the VoIP phone in a tagged VLAN on the switch port and the client in an untagged VLAN. The user-role needs to be available on the switch if you use local user-roles or you push the user-role via ClearPass (downloadable user-role) to the switch.
I recently wrote a blog post on a "problem" with downloadable user-role and time sync. Maybe this helps you already with the AAA part of the configuration on the switch.