The D365 Business Central Connector supports both OAuth 2.0 Code Flow and OAuth 2.0 Client Credentials and requires the following credentials or information for authentication.
| Parameter | Description | OAuth2.0 Code flow | OAuth 2.0 Client Credentials |
| Client ID | The Application (client) ID assigned when the application is successfully registered (noted in step #9 below.) Specifies the client ID of the application that is registered in Azure Active Directory. To find the application's client ID: from the Azure Management Portal, click Active Directory, click the directory, click the application, and then click Configure. |
X |
X |
|
Client Secret |
The Client Secret value captured in step #10 below |
X |
X |
|
Redirect URI |
The URI that you provided in step #8 during the app registration process. This specifies the reply URL of the application. The value must match the value of the redirect_uri parameter in the authorization code request. To find the application's reply URL, in the Azure Management Portal, click Active Directory, click the directory, click the application, and then click Configure. |
X |
|
|
Resource |
The App ID URI of the web API (secured resource). To find the App ID URI, in the Azure Management Portal, click Active Directory, click the directory, click the application, and then click Configure. |
X |
X |
|
Tenant ID |
The Directory (tenant) ID that displays when app registration is successful (see step# 9 below). |
X |
X |
For the Authorization Code Grant flow and Client Credentials flow, use the Azure Management Portal to register the application in your Azure AD tenant to obtain ClientID, Client Secret, and Redirect URI.
Take these steps to register an application in your Azure AD tenant:
- Sign in to the Azure portal using either a work or personal account.
- If your account gives you access to more than one tenant, select your account in the upper right corner. Set your portal session to the Azure AD tenant that you want.
- Search for and select Azure Active Directory. Under Manage, select App registrations.
- Select New registration.
- In Register an application, enter a meaningful application name to display to users.
- Specify who can use the application. For more information, please refer to https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-a-new-application-using-the-azure-portal
- Under Redirect URI (optional), select the type of app you're building: Web or Public client (mobile & desktop). Then enter the redirect URI, or reply URL, for your application.
-
- For web applications, provide the base URL of your app. For example, https://localhost:31544 might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
- For public client applications, provide the URI used by Azure AD to return token responses. Enter a value specific to your application, such as myapp://auth.
- For web applications, provide the base URL of your app. For example, https://localhost:31544 might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
Examples of web applications or native applications can be found in the quickstarts on the Microsoft identity platform.
-
- When finished, select Register.
Azure AD assigns a unique application, or client, ID to your app. The portal opens your application's Overview page. To add capabilities to your application, you can select other configuration options including branding, certificates and secrets, API permissions, and more.
- Once the app is created, from the listing page click on the App Name and then click on Certificates and Secrets -> New Client Secret and follow the steps on the screen to capture the Client Secret.
- Add the APIs to which the registered app will have access. Click on API Permissions -> Add a permission. For Microsoft Dynamics 365 Business Central, Dynamics 365 Business Central permissions need to be provided.
Note: The below steps are required to work with the client credentials flow explicitly. - Click on Overview and then navigate to the Redirect URIs screen.
- Select Access Tokens under Implicit grant and hybrid flows.
- Open the Business Central application and search for Azure Active Directory and click on the first link that appears.
- Click the New option.
- Enter the below details in the following screen.
- Enter the Client ID from the above steps.
- Enter the description
- Select the state as Enabled.
- Under the User Permissions Sets section, select the Permission Set as SUPER(DATA)
Comments
0 comments
Please sign in to leave a comment.