OAuth with Azure Active Directory for Dynamics CRM

Who’s Affected

This setup is for new Bizible customers using Dynamics CRM with an Azure Active Directory (AAD) account, or for customers that want to migrate from their legacy username and password login to Azure Active Directory with OAuth.

NOTE

For both of these scenarios, AAD is set up here to facilitate connecting your Dynamics instance in Bizible as a Data Provider.

Set Up New Application

  1. Sign-in to your Azure Portal.

  2. Choose your Azure AD tenant by clicking on your account in the top-right corner of the page, followed by clicking on the Switch Directory navigation and then selecting the appropriate tenant (skip this step if you only have one Azure AD tenant under your account or if you’ve already selected the appropriate Azure AD tenant).

  3. Search for “Azure Active Directory” in the search bar and click the name to open.

  4. Click App Registrations in the left-hand menu.

  5. Click New Registration at the top.

  6. Follow the prompts and create a new application. It doesn’t matter if it’s a web application or a public client (mobile & desktop) application, but if you’d like specific examples for web applications or public client applications, check out our quickstarts.
    a. Name is the application name and describes your application to end users.
    b. Under Supported account types, select Accounts in any organizational directory and personal Microsoft accounts.
    c. Provide the Redirect URI. For Web Applications, this is the base URL of your app where users can sign in. For example, http://localhost:12345. For public client (mobile & desktop), Azure AD uses it to return token responses. Enter a value specific to your application. For example, http://MyFirstAADApp.

  7. Once you’ve completed registration, Azure AD will assign your application a unique client identifier (the Application ID). You need this value in the next section, so copy it from the application page.

  8. To find your application in the Azure portal, click App Registrations, then click All Applications. Open your newly created application

  9. Click Authentication in the left-hand menu.

  10. Add Bizible’s redirect URLs: https://apps.bizible.com/OAuth2 and https://apps.bizible.com/OAuth2?identityOnly=true to the list of Redirect URLs.

  11. From here, enter “enterprise” in the search box and click on Enterprise Applications

  12. Again, find and open your new application from the list of applications

  13. From the Permissions tab, make sure that the correct permissions are assigned to the Azure Active Directory application

  14. From the “Users and Groups” tab, make sure that the valid “Users and Groups” are assigned to the Application.

Connecting your Dynamics Instance via OAuth

  1. When setting up your Dynamics connection for the first time, follow steps 1-5 of the “CRM as a Data Provider” section in this article.

  2. When prompted for OAuth credentials, fill in the Client Id, Client Secret, and Application Id URI that were set up in the section above.

a. Client Id is the Id from Step #7 in the section above. If you didn’t write it down, the Application Id is displayed in the Settings of the App registration.

b. Client Secret is the application secret created in the Azure Portal for your application under Certificates & Secrets.

c. Application ID URI is the URL of the target web API (secured resource). To find the App ID URL, in the Azure Portal, click Azure Active Directory, click Application registrations, open the application’s Settings page, then click Properties. It may also be an external resource like https://graph.microsoft.com. This is normally the URL of the dynamics instance.

  1. After you click Submit, you’ll be prompted to sign-in with Azure Active Directory. When the authentication is successful, your Dynamics account will be connected as a data provider within Bizible.

Re-authenticating your Dynamics Account

  1. When you’re in the Bizible application, go to My Settings > Settings > Connections.

  2. Click on the key icon in the CRM section next to the Dynamics connection.

  3. Once the key is clicked, a pop-up will appear and you’ll be prompted to enter the Client Id, Client Secret, and Application Id URI, similar to the signup flow.

  4. After you click Submit, you’ll be prompted to sign-in with Azure Active Directory. When the authentication is successful, your Dynamics account will be re-authorized within Bizible.

On this page