In this article
Table of Contents |
---|
Overview
Snaps in this Snap Pack use the Azure the Azure portal for OAuth2 account to access the Dynamics 365 for Sales. For the OAuth2 account to function without any issue, ensure to (create and) authorize successfully, create, and configure an application corresponding to the account as explained in shown in the steps below. These steps also contain the information required to create/define a new OAuth2 account for use with this Snap Pack.
Create/Access your Azure Portal Application
- Log into the Microsoft Azure Portal.
- To create a new application, click Azure Active Directory under Azure Services.
- Click App Registrations under Create.
- Enter the Name and Redirect URI for the new app registration. Redirect URI is the URL of your SnapLogic server that uses this account.
OR
To use an existing application, select the application from the list in the App Registrations to select the application. - Click Register.
Locate/Define Information Required to Create your Snap Account
...
workflow.
...
Info |
---|
Steps one to three are done in the Azure Portal and the remaining steps are done in the Snap account (SnapLogic Platform). |
Prerequisites
An Azure account with a free subscription to create the application.
Key Steps in the Workflow
Create an Application in the Azure Portal
Log in to the Microsoft Azure Portal.
Navigate to Azure services > Microsoft Entra ID.
Navigate to Add > App registration.
On the Register an application page, specify the name for registering the application and click Register. Learn more about creating an application at Quickstart: Register an app in the Microsoft identity platform - Microsoft Entra.
Info |
---|
To use an existing application, navigate to Portal Home > Azure Active Directory > App registrations > All applications. In the search box, specify the application name you want to use. Details on the application display in the search list. |
Define Permissions
13. Under Microsoft Graph, select Delegated permissions and choose the following permissions from the respective category.
OpenId permissions > offline_access
Files > Files.ReadWrite.All
14. Click API permissionsto grant permissions to the application for the endpoint in context
...
On the left navigation panel, navigate to Manage,select API permissions > Add a permission.
On the Request API permissions window, select Microsoft Graph > Application permissions for the OAuth2 Application Account.
Select the permissions from Files, Users, and Teams. Choose the minimum API permissions listed under Scopes and Permissions Required for Dynamics 365 for Sales.
Click Add Permissions. View all the permissions added under Configured permissions.
Click Grant admin consent confirmation and select Yes.
Click Overview and select Add a Redirect URI. You will be redirected to the Platform Configurations page.
Under Platform configurations, click Add a platform.
Select Web and specify either of the following Redirect URIs based on the region your server is located:
https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/rest
...
Under Manage, click API permissions to grant permissions to the application for the endpoint in context.
...
Click Grant admin consent for SnapLogic in the Configured permissions screen to allow token generation in your Snap Pack without the need to specify client credentials each time.
...
Click Add permissions to add permissions.
https://emea.snaplogic.com/api/1/rest/admin/oauth2callback/rest
Click Configure. A popup message displays indicating that the application is successfully updated.
On the Platform configurations page, click Save. The Redirect URIs are added the the application.
Locate the Application Credentials in the Azure Portal
To authorize your account in SnapLogic, you must have the following application credentials:
Application (Client) ID
Directory (Tenant) ID
Client secret value
On the application page, under Essentials, note the Application (client) ID and Directory (tenant) ID needed for the Snap account.
In the left navigation panel, select Manage > Certificates & secrets.
On the Certificates & secrets page, click + New client secret.
In the Add a client secret window, enter the Description, select an option for Expires from the dropdown list, and click Add.
The Client secret value and ID are generated. This value and the ID are required to configure the OAuth2 account.
You can copy the Client secret value only after it is generated. Note that this value is displayed only once, so ensure to copy it securely.
Scopes and Permissions Required for Dynamics 365 for Sales
Application permissions | |||
---|---|---|---|
Permission | Display String | Description | Admin Consent Required? |
user. impersonation | user_impersonation | Allows | No |
User.Read.All | User.Read.All | Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user. | Yes |
Specify the Credentials And Validate the Snap account
Navigate to the Snap of your choice and
...
configure the OAuth2 account with the
...
- Client ID
- Client Secret
- OAuth2 Endpoint and OAuth2 Token:
- OAuth2 Endpoint:https://login.microsoftonline.com/%3Ctenantname%3E.onmicrosoft.com/oauth2/v2.0/authorize
- OAuth2 Token: https://login.microsoftonline.com/<tenantname>.onmicrosoft.com/oauth2/v2.0/token
- Token Endpoint Config:
- Token endpoint parameter: response_type
- The token endpoint parameter value: code
- Auth Endpoint configuration:
- Authentication parameter: scope
- Authentication parameter value: offline_access Files.ReadWrite.All
...
See Also
...
details from the Azure portal's registered application. Refer to Dynamics Directory OAuth2 account
Select the Auto-refresh token checkbox in the account settings and click Apply.
Click Authorize. The Access and Refresh tokens are generated. You will be redirected to the sign-in page of the Azure Portal.
Sign in to Azure Portal with valid credentials to redirect to the Snap Edit account settings dialog. The Access and Refresh tokens are autopopulated but encrypted in the Account settings.
Validate the Snap Account.
If you select the Auto-refresh token checkbox, then you must provide offline_access as the Scope in the Token end point configuration.
Troubleshooting
Common Errors | Reason | Response |
---|---|---|
Error 401 | Token is invalid | Provide a valid token and reauthorize the account. |
The redirect URI specified does not match the reply URI configured for the application. | Incorrect redirect URI specified by user. | Add the following redirect_uri: |
URL error when invoking the operation | Ensure the tenant domain name is correct. | Ensure that Directory (tenant) ID noted from the application is in the correct format. Example: 2060aafa-89d9-423d-9514-eac46338ec05 |
Frequently Asked Questions
Expand | ||
---|---|---|
| ||
Yes, you can register a new application or use an existing application in the Azure portal to create an OAuth Account. Refer to the configuration documentation key flow Create an Application in Azure Portal. For more information, refer to https://learn.microsoft.com/en-us/azure/healthcare-apis/register-application |
Expand | ||
---|---|---|
| ||
In our configuration documentation, the key workflow Locate application credentials in the Azure Portal highlights the values of the Application ID, Client ID, and Secret key. For more information, refer to Dynamics Application Account. |
Expand | ||
---|---|---|
| ||
For any support, contact the support team. The help icon in the Snap provides referential information with the selected Snap from the application. |
Expand | ||
---|---|---|
| ||
The Scopes and Permissions Required for Dynamics Sales specify the Delegated and Application permissions details. For any other permissions that are needed for the application, refer to https://learn.microsoft.com/en-us/graph/permissions-reference |
Expand | ||
---|---|---|
| ||
You can use the Dynamics 365 NTLM and Dynamics 365 OAuth2 Online, accounts to connect Dynamics 365 for Sales Snaps with data sources. |