This article describes the required steps to use “Application Access” for our Online Services using your own application.
- 2020.96 DocumentsCorePack: How to check or update your solution.
- 2020.12 AttachmentExtractor: How to check or update your version
- Azure Role requirement: Application admin rights within your Azure tenant to create an application
Step 1: Create Custom application
The following article describes how to create/register a new application: Register an application with Microsoft.
Please follow the steps as described and use the following parameters.
- Account type: Accounts in this organizational directory only
- Redirect Uri:
- Type: Web application
- URI: https://dcpserviceconfig.mscrm-addons.com/AdalCallback.aspx
Next, you will need to add a client secret as described in this article.
IMPORTANT: Once created you have to copy & save your created client secret. You will need it for the setup and cannot review it again after creation.
Note: The custom application requires the following minimum set of privileges (see this article for information about adding security):
- User.Read rights in Azure Active Directory Graph
- user_impersonation in Dynamics CRM
- Sites.ReadWrite.All in SharePoint (optional)
Step 2: Create an application user in Microsoft Dynamics 365
In this step you learn to create an application user. Therefore navigate to Dynamics 365 > ❶ Advanced Settings > ❷ Security > ❸ Users.
This site opens. Click on “Enabled Users” to change the view to “Application Users”.
Then Press the [New]-button in the left top corner to create a new User and click “Application User” in the drop-down.
When this form opens, enter the “Application ID” and save your changes.
Now you have successfully changed the view to “Application User”.
Then it is necessary to assign this user an administration role. Click on the ❶ “MANAGE ROLES”-tab to open the “Manage User Roles”.
Select the role “System Administrator” to apply to the user and confirm with [OK].
Step 3: Connect our online service via custom application
Within the connection settings of the DocumentsCorePack or AttachmentExtractor Service configuration you have to choose the connection type “App Access (custom)” and provide the following details:
- Username: Loginname to your Dynamics 365 organization (User the service will act as, use of appliaction user possible)
- Application ID: Id of the application created in step #1
- Client Secret: Client secret created in step #1
That’s it! We appreciate your feedback! Please share your thoughts by sending an email to firstname.lastname@example.org.