In this article
Overview
Snaps in MS Dynamics 365 Finance and SCM Snap Pack require an OAuth2 account to access the resources in Azure. For the OAuth2 account to authorize successfully, ensure to create and configure an application corresponding to the account as per the key steps in the Workflow. You would also require to register an application in Dynamics 365 Finance and operations apps with the details of the application registered in the Azure portal.
You can use this account type to connect MS Dynamics 365 Finance, and SCM Snaps with data sources that use an OAuth2 account.
Prerequisites
An Azure account with a paid subscription to create the application.
Register the Azure application in Dynamics 365 Finance and operations application.
OData V4.
Limitations and Known Issues
None.
Key Steps in the Workflow
Create an Application in the Azure Portal
Log in to the Microsoft Azure Portal.
Navigate to Azure services > Azure Active Directory.
Navigate to Add > App registration.
On the Register an application page, specify the name for registering the application and click Register. For more information on creating an application, refer to the Azure Active Directory Documentation.
To use an existing application, navigate to Portal Home > Azure Active Directory >App registrations > All applications. In the search box, specify the application name you want to use. The details of the registered application is displayed in the search list.
Define permissions
On the left navigation panel, navigate to Manage, select API permissions > Add a permission.
On the Request API permissions window, select Dynamics ERP and select the Delegated permissions listed under the Scopes and Permissions required for MS Dynamics 365 Finance and SCM.
Click Add Permissions and view all the permissions added under Configured permissions.
Click Grant admin consent confirmation and select Yes.
Click Overview and select Add a Redirect URI. You will be redirected to the Platform configurations page.
Under Platform configurations, click Add a platform.
Select Web and specify a valid Redirect URI https://cdn.elastic.snaplogic.com/api/1/rest/admin/oauth2callback/msdynamics365fo and click Configure. A popup message displays indicating that the application is successfully updated.
On the Platform configurations page, click Save.
Locate Application Credentials in the Azure Portal
To authorize your account in SnapLogic, you must have the following application credentials:
Application (client) ID
Directory (Tenant) ID
Client secret value
On the application page, under Essentials, make a note of the Application (client) ID, and Directory (tenant) ID.
In the left navigation panel, select Manage > Certificates & secrets.
On the Certificates & secrets page, click + New client secret.
In the Add a client secret window, enter the Description, select an option for Expires from the dropdown list, and click Add.
The Client secret value and ID are generated. This value and the ID are required to configure the OAuth2 account.
Scopes and Required Permissions for Microsoft Dynamics 365 Finance and SCM
Learn more about Scopes and Permissions at Service endpoints overview.
Delegated permissions (User account only*) | |||
---|---|---|---|
Permission | Display String | Description | Admin Consent Required? |
offline_access (Mandatory for the Auto-refresh token) | offline_access. | offline_access must be assigned if you select the Auto-refresh token option. | Yes |
CustomService.FullAccess | Access Dynamics AX Custom Service. | This permission allows the application to access all Microsoft Dynamics custom service APIs. | No |
Odata.FullAccess | Access Dynamics AX data. | This permission allows the application to access Microsoft Dynamics AX as a user or an application. | No |
AX.Full.Access | Access Dynamics AX online as organization use. | This permission allows the application to access all Microsoft Dynamics AX service endpoints. | No |
Register your External Application
Log in to the Dynamics 365 Finance and operations application.
Navigate to System administration > Setup > Azure Active Directory applications and Select New.
Fill in the fields for the new record:
In the Client ID field, specify the application ID you registered in the Azure Active Directory.
In the Name field, specify a name for the application.
In the User ID field, select an appropriate service account user ID.
Select Save to apply the changes.
Specify the Credentials and Validate the Snap Account
Navigate to the Snap of your choice.
Configure the OAuth2 account with the details located in the registered application in the Finance and SCM OAuth2 Account.
Click Authorize. The Access and Refresh tokens are generated. You are redirected to the sign-in page of the Azure Portal.
Sign in to Azure Portal with valid credentials to redirect to the Snap Edit account settings dialog. The Access and Refresh tokens are autopopulated but encrypted in the Account settings.
Validate the Snap Account. Learn more about the Finance and SCM OAuth2 Account.
Troubleshooting
Error | Reason | Resolution |
---|---|---|
Error 401 | The Pipeline could not complete execution because of a connection error. | Reauthorize the account and retry. |