• Release History
  • Documentation
  • Back to www.mscrm-addons.com
  • Release History
  • Documentation
  • Back to www.mscrm-addons.com
home/Knowledge Base/DocumentsCorePack(DCP)/Required Application Permissions for Online Services

Required Application Permissions for Online Services

4307 views 5 Updated on October 23, 2023

This article outlines the required application permissions for online services when setting up a DocumentsCorePack or AttachmentExtractor service via DocumentsCorePack Service Configuration or AttachmentExtractor Service configuration

During the service setup you will be asked to grant the following permissions to our application:

Permission requested during service setup
Figure 1: Permission requested during service setup

Consent on behalf of your organization

This grants the consent for all users to use this connection without having to consent on their own.

I do not have an administrator account available

If you do not have access to an administrator account, please have an administrator launch this link and register the application.

https://login.microsoftonline.com/common/oauth2/authorize?resource=https:%2F%2Fdisco.crm.dynamics.com%2F&client_id=cf64f130-739b-4003-9b1f-9d8f3818c4bb&response_type=code&haschrome=1&redirect_uri=http:%2F%2Fwww.mscrm-addons.com&client-request-id=75254dac-02af-4909-b32f-9d76dc98a32e&prompt=login&x-client-SKU=.NET&x-client-Ver=5.0.0.0&x-client-CPU=x64&x-client-OS=Microsoft+Windows+NT+6.2.9200.0

Common Data Service:

  • Access to common data service

Required to access your Dynamics 365 data read data for document generation as well as write data back to Dynamics 365.

SharePoint:

  • Read and Write your files,
  • Read and write items in all site collections &
  • Read and write items and lists in all site collections

Required to fully use the Dynamics SharePoint integration. When DocumentsCorePack is linked with Dynamics SharePoint Integration, DocumentsCorePack will create lists, folders & files in the
corresponding SharePoint locations.

  • Sign in and read user profile

This is required to log in as the user in Dynamics 365 and for some of our licensing options.

What is an Application registration?

The application registration defines the privileges of the user during the login.This Application does not have any components and does not interact with anything outside of your AzureActiver Directory.

You can find details about your registered applications within the Enterprise Application section in your AzureActiveDirectory.

Why do I need to consent?

Consent is required to grant the requested permissions to our application. The consent in the name of the organization option bypasses the need for other further users using our products to individually consent again (i.e. Consent only has to be granted by one user).

Does this breach my security?

Server2Server authentication does not allow any access without an interactive user login. There is no access granted to any party outside your AzureAD.

I’m not using Sharepoint at all. Do I still have to consent?

You need to consent during the installation, but you are free to modify the privileges after the application has been registered. As we do not know, which sites on Sharepoint are planned to be used, we can only request access to all of them.

Please note: Azure active directory already offers template scripts to change those privileges. You must confirm the grant again after modifying the privileges.


In addition, AzureAD has recently added options to manage rights for specific sites via PowerShell.

How can I prevent all users having to consent to the application individually?

If you didn’t consent during the installation of the application, you can always do so from within AzureActiveDirectory.

Click on the Grant admin consent to [Your tenant name] button to grant consent for all users and prevent the requirement for users to individually have to consent to the application.

Helpful resources:

App-Registration documentation from Microsoft:

  • Application object
  • How and why applications are added to Azure AD

Server2Server/OAuth/ModernAuthentication documentation from Microsoft:

  • OAuth 2.0 and OpenID Connect protocols on the Microsoft identity platform
  • Microsoft identity platform and OAuth 2.0 authorization code flow

That’s it! We appreciate your feedback! Please share your thoughts by sending an email to support@mscrm-addons.com.

Was this helpful?

5 Yes  1 No
Related Articles
  • Attaching documents from SharePoint when sending emails via the DocumentsCorePack dialog
  • How to: automate quote generation and delivery upon activation via Power Automate
  • Dynamic document elements in Multipart documents
  • Limiting access to SharePoint for custom app access using Sites.Selected
  • Batch document generation via the DocumentsCorePack dialog
  • Equip Canvas Apps with Document Creation Capabilities 
Latest Articles
  • Attaching documents from SharePoint when sending emails via the DocumentsCorePack dialog
  • How to: automate quote generation and delivery upon activation via Power Automate
  • Dynamic document elements in Multipart documents
  • Limiting access to SharePoint for custom app access using Sites.Selected
  • Batch document generation via the DocumentsCorePack dialog
Popular Articles
  • DocumentsCorePack Template Designer – Getting Started
  • Step-by-Step: How to configure a One-Click-Action
  • Where do I find the Unique Organization name in Microsoft Dynamics 365?
  • Application Access for Dynamics 365 (App Access)
  • DocumentsCorePack Online Service Configuration
Top Rated Articles
  • “Undefined”-labels in Chrome and Edge 114 and higher
  • Important information for Dynamics 365 online customers using DocumentsCorePack and/or AttachmentExtractor
  • How to activate the DocumentsCorePack connector for PowerApps & Microsoft Flow
  • Step-by-Step: How to configure a One-Click-Action
  • How licenses are counted
Categories
  • *News and General Infos* 53
  • Webinars 37
  • Template Designer(DCP 193
  • DocumentsCorePack(DCP 211
  • TelephoneIntegration (TI 65
  • AttachmentExtractor (AE 65
  • PowerSearch (PS 48
  • ActivityTools (AT 59
  • SmartBar (SB 53
  • GroupCalendar (GC 46
Our Vision

“We see it as our purpose to provide products that simplify and speed up our customers’ Microsoft Dynamics 365 experience.”

Knowledgebase
LogIn
mscrm-addons.com
  • Products
  • Online Shop
  • Downloads
  • My Account
About Us
  • About Us
  • Case Studies
  • Newsletter
  • Partner Program
  • Contact
Support
  • Support
  • Terms & Conditions
  • Documentation
  • Webinars
  • Legal Documents
  • Impressum
  • © 2022 www.mscrm-addons.com. All Rights Reserved.