How to set up OAuth 2 for Microsoft Dynamics 365 CRM
October 31, 2024
This guide explains how to obtain your OAuth 2.0 credentials and configure API permissions for Microsoft Dynamics 365 CRM in Microsoft Entra ID (formerly Azure Active Directory).
Background
Microsoft Dynamics 365 CRM uses Microsoft's identity platform for secure authentication. By registering your application on it, you establish a trusted connection that allows Unified.to to access Dynamics 365 data through Microsoft Graph (Microsoft's gateway to data and intelligence in Microsoft 365) and other Microsoft APIs. This works through:
- Delegated access: Your application acts on behalf of the signed-in user, with permissions granted by both the administrator and the user
- OAuth 2.0 credentials: These consist of a client ID (which identifies your application) and a client secret (which serves as your application's password)
- Permissions: Specific capabilities your application requests, which must be approved by an administrator
For more information, see: What is the Microsoft identify platform?
Before you begin
Ensure you have:
- Access to the Microsoft Entra admin center (entra.microsoft.com)
- Administrator access to Microsoft Entra ID
Register your application
You'll first need to register an application in the Microsoft Entra admin center. This process will provide you with a client ID and client secret.
- Sign in to the Microsoft Entra admin center
- Navigate to the App registrations page
- Select Applications from the left sidebar
- Click App registrations
- Click New registration
- Configure your application
- Enter a meaningful name (i.e. your product name)
- Under Supported account types, select Accounts in any organizational directory (Any Microsoft Entra ID directory - Multitenant)
- In the Redirect URI section:
- Select Web as the platform
- Enter
https://api.unified.to/oauth/code
as the redirect URI (or our EU URL)
- Click Register
Get your Microsoft Dynamics 365 client ID and secret
- Retrieve your client ID
- On your application's overview page, locate the Application (client) ID
- Copy this value - this is your client ID
- Create a client secret
- In the left menu, select Certificates & secrets
- Under Client secrets, click New client secret
- Provide a description (optional, but helpful for tracking)
- Make sure that the expiration field is set to its maximum value
- Click Add
- Immediately copy the secret Value (not the secret ID)
- Important: Store this value securely - you won't be able to view it again after leaving this page
Configure Dynamics 365 API permissions
- Set up required permissions for Microsoft Graph. These will be used to obtain information about your users.
- In the left menu, click API permissions
- Click Add a permission
- Select Microsoft Graph
- Choose Delegated permissions
- Search for and add the following OpenID permissions:
openid
email
offline_access
- Click Add permissions
- Set up required permissions for Microsoft Dynamics 365 CRM
- From the API permissions screen, click API permissions again
- Under More Microsoft APIs, select Dynamics CRM
- Choose Delegated permissions
- Search for and add the following OpenID permissions:
user_impersonation
(required for basic access)
- Click Add permissions
Enter your Microsoft Dynamics 365 CRM credentials on Unified.to
- Go to https://app.unified.to/integrations/microsoftdynamics
- Enter your client ID and client secret from the steps above
- Save your changes
Congratulations, you can now use the Microsoft Dynamics 365 integration in your application. Happy building!