How to Authenticating a client Application

 Authenticating a Client Applications

We can create multiple types of apps in AAD, Here we will discuss two kinds of Applications that are separated and supported in Microsoft AAD for Dynamics 365.

1. Native Client Application: This required a redirect URL, which Azure AD user to return a token response. This flow user a username and password for authentication and authorization.

2. Web App/ API: A confidential is an application that can keep a client's password confidential to the world. It uses a client APP ID and a client secret key to prepare client credentials. 


Step1: Register Your Application in Azure AD (Active Directory):

  • Sign in to your Azure portal.
  • Navigate to Azure Active Directory.
  • Go to "App registrations" and register your native client application.
  • Note down the Application ID (Client ID) generated for your app.
  • Configure the Redirect URI to which the authentication response should be sent. It should match the URI you specify in your app.

Step2: Configure Permissions:

  • Grant the necessary permissions to your app. Depending on your app's requirements, you might need permissions for various D365 F&O APIs.

Step3: Implement Authentication in Your Native Client App:
  • Include a library or implement OAuth 2.0 authentication in your app. Many OAuth libraries are available for different programming languages.                                                                                    
  • Use the OAuth 2.0 Authorization Code Flow or Implicit Flow (if applicable for native apps) to obtain an access token.
Step4: Request Authorization:
  • Redirect the user to the Azure AD authorization endpoint to request their consent.
  • Construct the authorization URL with parameters like client_id, redirect_uri, response_type (code for Authorization Code Flow, token for Implicit Flow), and scope (permissions required).
Step5: Receive the Authorization Code or Access Token:
  • After the user consents, they will be redirected back to the redirect_uri specified in your app with an authorization code (Authorization Code Flow) or access token (Implicit Flow).
Step6: Exchange the Authorization Code for an Access Token (Authorization Code Flow Only):
  • Make a POST request to the token endpoint (https://login.microsoftonline.com/{tenant_id}/oauth2/token) with the authorization code, client_id, client_secret (if you have one), redirect_uri, grant_type (authorization_code), and scope.
  • You will receive an access token and optionally a refresh token.
Step7: Use the Access Token to Access D365 F&O APIs:
  • Include the access token in the Authorization header of your API requests to D365 F&O.
  • You might also need to specify the resource URL (the URL of the D365 F&O instance) and API endpoint you want to access.
Step8: Handle Token Expiry and Refresh (if applicable):
  • Access tokens typically have a limited lifetime. Implement token refresh logic using the refresh token if you obtained one during authentication.
 

How can do that:

  • Log to the Azure Portal(https://portal.azure.com)
  • If you have multiple  AAD tenants, Select one that you want to use to create a new app.
  • Go to the menu in the left corner of the portals and select Azure Active Directory| App Registration.

  • Click a New Applications registration, and, in the new form, fill in the details as the following table and hit the Create button.
    1.  Name:                        LokDataIntegarionApp 
    2. Application type:       Native Redirect
    3.  URI :                          https://LokDataIntegarionApp     

                                                              
  • On Completion of this registration, AD assigns your application a unique client identifier, that is, the Application ID to your application.
  • Check the settings and make sure all the other properties of this new application are in place before using it. Refer to the following
  • Now let's register the apps in Dynamics 365 for Finance and operation. Navigate to System Administration | Setup| Azure Active Directory Application form, click a new on the new button, and fill in the required details.
  • Now, create a new Visual Studio C# class library project, which we will utilize for getting authentication to access Dynamics 365 for Finance and Operations ERP. Later, we will utilize the same to authenticate access to Dynamics 365 for Finance and Operations by our web service.
    • Create a new class ClientConfiguration.cs, where we will specify our
    • configuration using properties. Specify the following namespaces:
    •  using System;
    •  using System.Collections.Generic;
    •  using System.Linq;
    •  using System.Text;
    •  using System.Threading.Tasks;
  • Add the following specified code in our class. Here, we will set the default values of properties:
    •  public partial class ClientConfiguration
    •  {
    •  public static ClientConfiguration Default {get {return  ClientConfiguration.OneBox;}}
    •  
    •  public static ClientConfiguration OneBox = new ClientConfiguration()

    •  {
    •      UriString = "https://d365devdpkcdfe0b0****1caos.cloudax.dynamics.com/"
    •      ActiveDirectoryResource = "https://login.windows.net/myTenant.onmicrosoft.com",
    •      ActiveDirectoryClientAppId = "81dada10-f7ee-4fe3-a6b2-" };
    •      
    •      public string UriString { get; set; }
    •      public string ActiveDirectoryResource { get; set; }
    •      public String ActiveDirectoryTenant { get; set; }
    •      public String ActiveDirectoryClientAppId { get; set; }
    •   }
    • }
  • We will create a new class, where we will perform actual operations to get authentication and name this class as OAuthHelper
    •  using Microsoft.IdentityModel.Clients.ActiveDirectory;
    •  using System;
    •  using System.Collections.Generic;
    •  using System.Linq;
    •  using System.Text;
    •  using System.Threading.Tasks;
    •  public class OAuthHelper
    •  {
    •     public const string OAuthHeader = "Authorization";
    •     public static string GetAuthenticationHeader(bool useWebAppAuthentication = false)
    •     {
    •        string aadTenant =       ClientConfiguration.Default.ActiveDirectoryTenant;
    •        string aadClientAppId =  ClientConfiguration.Default.ActiveDirectoryClientAppId;
    •        string aadResource =     ClientConfiguration.Default.ActiveDirectoryResource;
    •        AuthenticationResult authenticationResult;
    •        var authenticationContext = new AuthenticationContext(aadTenant, TokenCache.DefaultShared);    
    •        authenticationResult = authenticationContext.AcquireTokenAsync(aadResource, aadClientAppId,new Uri("https://packtIntegrationApp")
    •        ,new   PlatformParameters(PromptBehavior.Auto)).Result;
    •        return authenticationResult.CreateAuthorizationHeader();       
    •     }
    •  }
  • Now, to test the authentication, we could create a new console application, name it PacktTestAuthentication, and set it as a start-up project.

    •  using System;
    •  using System.Collections.Generic;
    •  using System.Linq;
    •  using System.Text;
    •  using System.Threading.Tasks;
    •  using AuthenticationUtility;
    •  namespace PacktTestAuthentication
    •  {
    •    class Program
    •    {
    •      static void Main(string[] args)
    •      {
    •         var oauthHeader = OAuthHelper.GetAuthenticationHeader();
    •         Console.WriteLine(oauthHeader.ToString());
    •         Console.ReadLine();
    •      }
    •    }
  •  Now, click on the Start button in VS and you will be prompted to enter the username and password of the Dynamics 365 for Finance and Operations user
  • It will present you with an Authentication header.

Comments

Post a Comment

Popular posts from this blog

Configuring and using the Excel Data Connector add-in in D365 F&O

Image
    Excel Data Connector add-in in D365 F&O In this recipe, we will show you how to configure an Excel Data Connector add-in and use it to export data from Dynamics 365 for Finance and Operations and publish the updated data back in Dynamics 365 for Finance and Operations.  The Excel Data Connector app interacts with Excel workbooks and OData services created for publicly exposed data entities. Steps 1. Open a new workbook in Excel and navigate to the Insert tab. Under Add-ins, select My Add-ins, as shown in the following screenshot:            2. Under Office Add-ins, navigate to STORE, search for Microsoft Dynamics Office Add-in, and click on Add. This is shown in the following screenshot: 3. Once you've clicked, a new window will open within Excel as follows. Click on Add server information and the system will ask for account credentials. You have to sign in as the user that has access in your Dynamics 365 for Finance and Op...
Read more

Configuring Power BI in D365 Finance and Operation

Image
 Configuring Power BI In this blog, we can connect to Microsoft Dynamics 365 for Finance and Operations with Power BI Desktop to create custom Dynamics 365 reports and dashboards for use with the Power BI service.To enable Power BI the very first thing you have to do is configure your Power BI with Dynamics 365 for first use. Step1:  Log in to your Power BI account using https://powerbi.microsoft.com/en-us/. Step2: Give details about the application and Dynamics 365 for Finance and Operations environment, you can refer to the following for more clarity: App Name: Give an application name App Type: Choose a server-side web app Redirect URL: Add OAuth at the end of the home page URL Home page URL: Application URL Step3:  Choose APIs to access: Step4: Register your app: In this step, click on Register App and the system will create client ID and client secret for your new app. Keep a backup of both values, you need to put these values in the next step...
Read more

How to Change report title in SSRS Report in D365 F&O

Image
  How to Change Report Title Based on Condition in SSRS Report in D365 F&O: Step1: Insert a new Text Box in Report Design and write Expression is the given Below: Step2: Add a DP class in Project Write a code:                                                              if (Condition)                 tmpTable.ReportTitle = "Label of title1";                 else                 tmpTable.ReportTitle = "Label of title2";      Note: this condition writes in the process report method or where your tmp table is inserted.
Read more