Prerequisites

The Microsoft Dynamics 365 CRM SaaS connector supports OAuth 2.0 authentication with the following grant types:

• Client Credentials

• JWT Certificate Credentials

Following sections describe the configurations that must be performed for the above grant types.

Registering an application on Microsoft Entra ID

Perform the following:

1. User can use any of the following Azure Management Portal to perform the configuration:

   • Microsoft Azure

   • Entra ID Admin Center

2. Select Entra ID in the left pane.

3. Select App registrations.

4. Select New registration.

5. On the Register an application page, in the Name field, enter the name of the application that you want to set up.

6. Select Register. An Application is created.

   On the Application page the Application ID (Client ID) and Tenant ID are displayed.

7. On the left-hand panel, select Certificates & secrets. On the Certificates & secrets page, in the Client secrets section, select New client secret.

8. On Add a client secret page, enter the Description to generate a secret, select the validity duration in the Expires list. Select Add.

   Note the value of the client secret that you have just created.

Client Credentials

For the default Client Credentials grant type based authentication, following are the required configurations:

• Obtain Tenant ID, Client ID, Client Secret from Azure Active Directory by registering the application (steps mentioned in Registering an application on Microsoft Entra ID).

JWT Certificate Credentials

JWT Certificate Credentials supports Authentication based on JWT assertion prepared from Certificate and Private Key.

1. Obtain Tenant ID and Client ID from Azure Active Directory by registering the application (up to step 6 mentioned in Registering an application on Microsoft Entra ID).

2. To create a Certificate(self-signed or CA signed) of type X.509 and Private Key must be encrypted with RSA algorithm and registered at the Azure portal. Perform the following steps to register the certificate with the Microsoft identity platform:

   1. Login to Azure Portal.

   2. Select the client application.

      In the Azure app registration for the client application, select Certificates & secrets.

   3. Select Upload certificate and select the certificate file to upload.

   4. Select Add.

   5. Obtain values for the following configurations:

      • Certificate: Obtain the text file of the same certificate which was uploaded on the Azure portal.

      • Private Key: Obtain the private key text file.

      • Private Key Password

Creating an Application User on CRM

Perform the following.

1. Open Dynamics 365 CRM portal.

2. Select Settings on top right and go to Advanced Settings. A new tab opens.

3. Go to Settings on new tab, then go to the Security option under System.

4. In Features, select Users.

   From the drop-down menu select Application Users and then select New. A form to create new user opens.

5. Select the user type as Application User again and provide User Name and Application ID.

   Application ID would be the Client ID of the Application registered in Entra ID previously.

6. Save the form.