Application Configuration in the Azure Portal to use Finance and SCM OAuth2 Account
In this article
Overview
Snaps in the Microsoft Dynamics 365 Finance and SCM Snap Pack require an OAuth2 account to access the resources in Azure. For the OAuth2 account to authorize successfully, ensure to create and configure an application corresponding to the account as per the key steps in the workflow. You must also register an application in Dynamics 365 Finance and Operations with the details of the application registered in the Azure portal.
Prerequisites
An Azure account with a subscription to create the application.
Register the Azure application in the Dynamics 365 Finance and Operations application.
OData V4.
Key Steps in the Workflow
Create an Application in the Azure Portal
Log in to the Microsoft Azure Portal.
Navigate to Azure services > Microsoft Entra ID.
Navigate to Add > App registration.
On the Register an application page, specify the name for registering the application and click Register. For more information on creating an application, refer to the Azure Active Directory Documentation.
To use an existing application, navigate to Portal Home > Azure Active Directory >App registrations > All applications. In the search box, specify the application name you want to use. The details of the registered application dsiplay in the search list.
Define Permissions
On the navigation panel, navigate to Manage, select API permissions > Add a permission.
On the Request API permissions window, select Dynamics ERP and select the delegated permissions listed under the Scopes and Permissions required for MS Dynamics 365 Finance and SCM.
Click Add Permissions and view all the permissions added under Configured permissions.
Click Grant admin consent confirmation and select Yes.
Click Overview and select Add a Redirect URI. You are redirected to the Platform configurations page:
Under Platform configurations, click Add a platform.
Select Web and specify the Redirect URI in the following format:
https://<control-plane-name>.snaplogic.com/api/1/rest/admin/oauth2callback/<snap-pack-name>
where the<control-plane-name>corresponds to the domain part of your SnapLogic URL—elastic (global control plane) or emea (EMEA control plane).
For example:https://emea.snaplogic.com/api/1/rest/admin/oauth2callback/msdynamics365fohttps://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/msdynamics365foClick Configure. A pop-up message displays indicating that the application is successfully updated.
On the Platform configurations page, click Save. The Redirect URIs are added to the application.
Locate Application Credentials in the Azure Portal
To authorize your account in SnapLogic® Platfom, you must have the following application credentials:
Application (client) ID
Directory (tenant) ID
Client secret value
On the application page, navigate to Overview.
Under Essentials, make a note of the Application (client) ID, and Directory (tenant) ID.
In the navigation panel, select Manage > Certificates & secrets.
On the Certificates & secrets page, click + New client secret.
In the Add a client secret window, enter the Description, select an option for Expires from the dropdown list, and click Add:
The Client value and Secret ID are generated. This value and ID are required to configure the OAuth2 account.
Scopes and Required Permissions for Microsoft Dynamics 365 Finance and SCM
For more information about Scopes and Permissions, refer to Service endpoints overview.
Delegated permissions (User account only*) | |||
|---|---|---|---|
Permission | Display String | Description | Admin Permission Required? |
offline_access (Mandatory for the Auto-refresh token) | offline_access | offline_access must be assigned if you select the Auto-refresh token option. | Yes |
CustomService.FullAccess | Access Dynamics AX Custom Service | This permission allows the application to access all Microsoft Dynamics custom service APIs. | No |
Odata.FullAccess
| Access Dynamics AX data | This permission allows the application to access Microsoft Dynamics AX as a user or an application. | No |
AX.Full.Access | Access Dynamics AX online as organization use | This permission allows the application to access all Microsoft Dynamics AX service endpoints. | No |
Register your External Application
Log in to the Dynamics 365 Finance and Operations application.
Navigate to System administration > Setup > Azure Active Directory applications and Select New.
Configure the fields for the new record:
In the Client ID field, specify the application ID you registered in the Azure Active Directory.
In the Name field, specify a name for the application.
In the User ID field, select an appropriate service account user ID.
Select Save to apply the changes.
Specify the Credentials and Validate the Snap Account
Navigate to the required Snap.
Configure the OAuth2 account with the details from the registered application in the Finance and SCM Portal.
Click Authorize. You are redirected to the sign-in page of the Azure Portal.
Sign in to Azure Portal with valid credentials to redirect to the Snap Edit account settings dialog. The Access and Refresh tokens are auto-populated and encrypted in the Account settings.
Troubleshooting
Error | Reason | Resolution |
|---|---|---|
Error 401 | The pipeline could not complete execution because of a connection error. | Reauthorize the account and retry. |
Snap Pack History
Related Content
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.