Navigate to https://docs.microsoft.com/en-us/powerapps/developer/common-data-service/walkthrough-register-app-azure-active-directory#create-an-application-registration.
Follow all the steps. For Step 3, enter a relevant application name (e.g., “Marketo Integration”). Under the Supported Account Types, select Account in this organizational directory only.
Write down the Application ID (ClientId). You’ll need to enter it in Marketo later.
Grant Admin consent by following the steps in this article.
Generate a Client Secret in the Admin Center by clicking Certificates & secrets.
Click New client secret.
Add a Client Secret description and click Add.
Make sure to make note of the Client Secret value (seen in the screenshot below), as you’ll need it later. It is only shown once, and you won’t be able to retrieve it again.
Marketo authenticates to Azure AD with OAuth using grant_type Resource Owner Password Credentials( ROPC). This scenario needs the creation of a Home Realm Discovery policy for the specific application. With this policy, Azure AD will redirect the authentication request to the federation service. Password hash synchronization has to be enabled in AD Connect for this. For more information, please see OAuth with ROPC and Set an hrd policy for an application.
Additional references can be found here.
When you’re done, it’s time to Enter the Dynamics CRM Generated Client Id And Secret into Marketo.
The following steps are applicable to Online and On-prem versions.
In Marketo, click Admin.
Click Microsoft Dynamics.
Click Disable Sync.
Next to credentials, click Edit.
Enter the Client Id and Client Secret you retrieved previously and press Save.
Click Validate Sync Setup.
You should see all green checkmarks. Click Close.
If you see a red X among your green checkmarks, see this article for fix options.
Click Enable Sync.
And that’s it!