Technical tasks for Dooap D365 deployment

The following tasks will need to be carried out before Dooap team can finalize your new Dooap environment.

Note that Dooap supports only Entra ID (Azure AD) logins. Read more here.

1. Grant App Registration consents

• Complete the wizard to allow login to Dooap application - we'll deliver the link.
• Consents must be granted by a native Entra ID global admin.
• There are separate links for UAT and PROD.
• Note, each environment consist of multiple consents. Please follow through the wizard until prompted to log out.

2. Deploy Dooap D365 package

• Download the package - we will deliver you the link.
• Deploy the package to D365  following Microsoft's documentation:
  • https://docs.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/dev-tools/aio-deployable-packages
  • https://docs.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/dev-tools/manage-runtime-packages#deployable-packages-from-third-parties

Dooap package does not alter standard D365 functionality. The package can safely be installed, even if old 3rd party solutions for AP are still being used.

The deployable package includes 4 models containing our custom service integration code. They should all be deployed.

• • Dooap
  • DooapAPIs
  • DooapBufferRecordFramework
  • DooapChangedEntityFramework

3. Create Dooap integration accounts

• System user accounts must be created to the same Entra ID domain that was used to deploy the D365.
• Separate accounts should be created for UAT and PROD for added security.
• A full D365 Finance license is required. Exact name of the full license depends on your subscription model. Team member license is insufficient per Microsoft licensing guide.
• Once created, please deliver the credentials to Dooap team securely.
  
  
• Create account: “Dooap UAT integration account”
  • For example: dooapintegration-test@customer.onmicrosoft.com
  • Password cannot expire.
  • Multifactor authentication (MFA) must be disabled.
• Create account: “Dooap PROD integration account”

• • For example: dooapintegration-prod@customer.onmicrosoft.com
  • Password cannot expire
  • Multifactor authentication (MFA) must be disabled.
• Apply high throttling priority for both integration users. More detailed instructions can be found in this article.

3a. Optional: Set up ClientID + secret value

Dooap allows using ClientID + Secret authentication layer in addition to the standard username + password method. This optional authentication layer does not affect functionality.

Integration user is still required.

1. Create Application and Secret in Entra ID following Microsoft's documentation.
2. Link the created application to D365FO.
3. Provide clientID, secret value and expiration date to Dooap securely.
4. More detailed instructions can be found here: D365 Enroll with ClientID & Secret.

4. Grant D365 access to Dooap integration accounts

• Add both Dooap integration accounts to D365 UAT and PROD environments - this will prevent UAT credentials from being overwritten when refreshing test data.

• Disable UAT user in Prod.
• Access to legal entities must not be limited
• Assign Dooap Integration role to allow system-user access to master data.

5. Grant D365 access to Dooap consultants

Consultant accounts are needed for implementation and continuous support. You can either:

• Invite @dooap.com consultants as guest users to your Entra ID (preferred),
• or create the accounts under your @customer.onmicrosoft.com domain.

Add the users to D365, and grant roles Dooap, Dooap parameters. 

System administrator role will be used during implementation, if allowed by your policy.

6. Assign a worker to the integration account

A specified D365 worker (employee) is used to auto-approve the invoice journals created by Dooap.

• Create a new worker under Human Resources > Workers > Workers
  
  • Name = Any name, for example “Dooap"
  • Personnel Number =  Any available number
  • Employment Start Date = today’s date

• Assign the worker to Dooap Integration account under System administration > Users
  • Search for the Dooap Integration User, click Select
  • Add the Dooap Worker in the Person field

7. Create new invoice journal

Dooap uses a specific journal to post all non-po invoices.

Add this journal to each company using Dooap.

• General Ledger > Journal Setup > Journal names
  
  • Name: Dooap
  • Description: Dooap
  • Journal type: Vendor invoice recording
  • Voucher series: Continuous and company-specific, for example your existing AP Invoice number series
  • Amounts include sales tax: Yes

8. Whitelisting

If your environment has access restrictions, please whitelist the Netherlands region, as our global management platform is hosted in Azure West Europe (backup France).

 

D365 UAT data refresh

When you refresh your D365 data from PROD to UAT, users rights will also be overwritten, which will break the Dooap integration in UAT.

Pre-emptively adding UAT user to the PROD environment in disabled state allows you to restore the functionality by simply re-enabling the UAT integration account after the refresh.

See the more detailed instructions here.