Prerequisites

Dynamics 365 Finance and Operations connector supports OAuth 2.0 authentication with the following grant types:

• Client Credentials

• JWT Certificate Credentials

Following sections describe the configurations that must be performed for the above grant types.

Registering an application on Azure Active Directory

Perform the following:

1. User can use any of the following Azure Management Portal to perform the configuration:

   • Microsoft Azure

   • Azure Active Directory admin center

2. Select Azure Active Directory in the left pane.

3. Select App registrations.

4. Select New registration.

5. On the Register an application page, in the Name field, enter the name of the application that you want to set up.

6. Select Register. An Application is created.

   On the Application page the Application ID (Client ID) and Tenant ID are displayed.

7. On the left-hand panel, select Certificates & secrets. On the Certificates & secrets page, in the Client secrets section, select New client secret.

8. On Add a client secret page, enter the Description to generate a secret, select the validity duration in the Expires list. Select Add.

   Note the value of the client secret that you have just created.

Client Credentials

For the Client Credentials (default) grant type based authentication following are the required configurations:

• Obtain Tenant ID, Client ID, Client Secret from Azure Active Directory by registering the application (steps mentioned in Registering an application on Azure Active Directory).

JWT Certificate Credentials

JWT Certificate Credentials supports Authentication based on JWT assertion prepared from Certificate and Private Key.

1. Obtain Tenant ID and Client ID from Azure Active Directory by registering the application (up to step 6 mentioned in Registering an application on Azure Active Directory).

2. To create a Certificate (self-signed or CA signed) of type X.509 and Private Key must be encrypted with RSA algorithm and registered at the Azure AD portal. Perform the following steps to register the certificate with the Microsoft identity platform:

   1. Login to Azure Portal.

   2. Select the client application.

      In the Azure app registration for the client application, select Certificates & secrets.

   3. Select Upload certificate and select the certificate file to upload.

   4. Select Add.

   5. Obtain values for the following configurations:

      • Certificate: Obtain the text file of the same certificate which was uploaded on the Azure portal.

      • Private Key: Obtain the private key text file.

      • Private Key Password

Additional Steps on Finance and Operation Instance

1. Create an Azure Active Directory Application by providing the following details:

   • ClientID: Client ID must match the Client ID registered in Azure Active Directory.

   • Name: Logical name to differentiate the application.

   • UserID: Select the user that would be used to manage the connector operation.

     Note
     The selected user must be assigned to a security role that must have the privileges defined in Required Permissions.