D365 Enroll with ClientID & Secret

How to set up ClientID and Secret in Microsoft Entra for D365 enroll?

Dooap allows using ClientID + Secret authentication layer in addition to the standard username + password method. This optional authentication layer does not affect functionality.

Here you can find instructions on how to set up ClientID and Secret.

 

  1. Create an integration user account to Entra ID.
    1. D365 license is only required in PROD.

    2. Password is not needed in the enrolling process.
    3. MFA may be enabled.
  2. Import the user to D365.
    1. Use the following roles and no organization restrictions:
      1. Dooap integration
      2. Dooap.
  3. Create an app registration to Entra ID.
    1. Note: Separate app registrations must be created for UAT and Prod.
    2. Navigate to Azure and select Microsoft Entra ID.


      Entraid


    3. There select Manage > App registrations.


      app registrations


    4. Create a single tenant application.
      1. Remember to click Register once the necessary information is given.


        single tenant


  4. Add API permissions by navigating to Manage > API permissions.


    API permissions


    1. When adding the permissions, select Dynamics ERP.

      d erp


    2. After that, select delegated permissions:
      AX.FullAccess, CustomService.FullAccess, Odata.FullAccess
      and add permissions.

      add api per


  5. Create a new client secret.


    client sec


    1. We recommend setting the maximum expiration time.


      expir
    2. Copy the secret value (Value field) and save it securely - you cannot see it afterwards. Also save the expiration date.
      1. These are needed in the next phase and also should be sent to your Dooap contact person.

        save
    3. Also, navigate to Overview tab and copy Application (client) ID.
      1. This is needed in the next phase also and should be sent to your Dooap contact person.

        35c276bf-a85e-454d-8fe3-e8fb2dfbd197


  6. Then navigate to D365 and link the app registration to the integration user account.
    1. Select System administrator > Microsoft Entra ID applications.


      bf656823-85a1-481d-b6e1-08284657765e


    2. Paste the Application (client) ID you copied in 5c. to Client Id field.

      d2c94898-4ca4-4050-bbf7-faf9685fa244
    3. You can choose the name,  e.g. Dooap Integration UAT.

    4. Then assign the app to Dooap integration user ID.