Obtaining connection values for Microsoft Dynamics 365 for Sales

About this task

This topic provides instructions for obtaining the connection values for the Microsoft Dynamics 365 for Sales connector.

To generate these values and connect to Microsoft Dynamics 365 for Sales, you need to register an application with the required permissions in Microsoft Azure, which enables App Connect to integrate with Microsoft Dynamics 365 for Sales by using APIs and protocols.

Procedure

  1. To register an application with Microsoft Azure, for use with App Connect:
    Note: Choose the applicable steps based on the authorization method that you selected.
    1. Log in to the Microsoft Azure portal, and then click App registrations.
    2. If you have access to more than one tenant, switch to the tenant where you want to register the app by using the Directories + subscriptions filter in the banner and then click the Close icon (X) to return to the previous page.
    3. In the App registrations page, click New registration.
    4. In the Register an application page, specify a unique name for your app, select Accounts in any organizational directory (Any Azure AD directory - Multitenant) as the account type, and accept the default values for the remaining fields.
      Figure 1. Microsoft Azure registering an application window
      The image is described in the surrounding text.
    5. Click Register. The Overview page for the application is displayed.
      Overview page for the registered application
    6. Make a note of the Application (client) ID value because you need to specify it as a connection value when creating the account (by using either OAUTH2_PASSWORD or BASIC_OAUTH authorization) in App Connect.
  2. To generate a client secret for your registered application:
    1. Next to Client credentials on the Overview page, click Add a certificate or secret. This displays the Certificates & secrets page.
    2. Click New client secret.
    3. In the Add a client secret panel, specify a description for the secret (for example, App Connect secret) and then select an expiry period.
    4. Click Add. The generated client secret is displayed on the Certificates & secrets page.
    5. Generated client secret for the registered app
    6. Copy and store the client secret value because you need to specify it as a connection value when creating the account (by using either OAUTH2_PASSWORD or BASIC_OAUTH authorization) in App Connect. If you are using BASIC_OAUTH authorization, you'll also need to specify the client secret value while generating access and refresh tokens.
      Note: The client secret value won't be shown again in full after you leave this page.
  3. Configure the permissions that App Connect needs.
    1. In the left pane, click API permissions and then click Add a permission > Microsoft Graph > Delegated permissions.
    2. Select the following permission, and then click Add permissions.
      Permissions Type Description
      User.Read Delegated Sign in and read user profile
    3. In order to add the rest of the permissions required, go to Add a permission > Dynamics CRM > Delegated permissions.
    4. Select the following permission, and then click Add permissions.
      Permissions Type Description
      user_impersonation Delegated Access Common Data Service as organization users
    5. If the status of any permission is shown as Not granted for myDomain, click Grant admin consent for myDomain, where myDomain is your domain name. Then click Yes to confirm. (This updates the status of all permissions to Granted for myDomain.)
      Required permissions for the registered app
  4. If you want to connect by using BASIC_OAUTH authorization, use an application such as IBM API Connect Test and Monitor or Postman to submit a POST request to generate an access token and a refresh token that will be used to interact with Microsoft Dynamics 365 for Sales on your behalf. Specify the following parameters:
    • Request URL: 
      https://login.microsoftonline.com/organizations/oauth2/v2.0/token
    • Content-Type: application/x-www-form-urlencoded
    • Request parameters:
      Key Value
      client_id Set this to the Application (client) ID value that was generated for your registered app.
      scope Directory.ReadWrite.All offline_access
      grant_type password
      client_secret Set this to the client secret value that was generated under Certificates & secrets for your registered app.
      userName Set this to the username that was used to log in to the Azure portal.
      password Set this to the associated password for the username.