Prerequisites

The Dynamics 365 Finance and Operations connector supports OAuth 2.0 authentication with the following grant types:

• Client Credentials

• JWT Certificate Credentials

The following sections describe the configurations that must be performed for the supported authentication grant types.

Registering an Application on Entra ID

Registering the application generates the Tenant ID, Client ID, and Client Secret required for authentication. These are required for later processes.

Perform the following:

1. Use either of the following methods to access the Entra Management Portal to perform the configuration:

   • Microsoft Azure

   • Microsoft Entra admin center

2. Select Entra ID in the left pane.

3. Select App registrations.

4. Select New registration.

5. On the Register an application page, in the Name field, enter the name of the application that you want to set up.

6. Select Register. An Application is created.

   On the Application page the Application ID (Client ID) and Tenant ID are displayed.

7. On the left-hand panel, select Certificates & secrets. On the Certificates & secrets page, in the Client secrets section, select New client secret.

8. On the Add a client secret page, enter the Description to generate a secret, and select the validity duration in the Expires list. Select Add.

   Note the value of the client secret that you have just created.

Client Credentials

For the Client Credentials (default) grant type based authentication following are the required configurations:

• Obtain the Tenant ID, Client ID, and Client Secret from Microsoft Entra by registering the application.

JWT Certificate Credentials

JWT Certificate Credentials support Authentication based on JWT assertions prepared from Certificate and Private Key.

1. Obtain the Tenant ID and Client ID from Microsoft Entra by registering the application.

2. To create a self-signed or CA-signed type X.509 certificate and private key, perform the following steps to register the certificate with the Microsoft identity platform:

   Important
   The private key must be encrypted with the RSA algorithm and registered at the Entra portal.

   1. Log in to the Entra Portal.

   2. Select the client application.

      In the Entra app registration for the client application, select Certificates & secrets.

   3. Select Upload certificate and select the certificate file to upload.

   4. Select Add.

   5. Obtain values for the following configurations:

      • Certificate: Obtain the text file of the same certificate which was uploaded on the Entra portal.

      • Private Key: Obtain the private key text file.

      • Private Key Password

Additional Steps on the Finance and Operation Instance

Complete the following in the Dynamics 365 Finance and Operation source.

1. Create a Microsoft Entra ID application by providing the following details:

   • ClientID: Client ID must match the Client ID registered in Entra.

   • Name: Unique name to differentiate the application.

   • UserID: Select the user that is used to manage the connector operation.

     Note
     The selected user must be assigned to a security role that has the privileges defined in Required Permissions.