MicroStrategy ONE

Required Parameters for Authentication in Microsoft Dynamics 365

MicroStrategy ships the Microsoft Dynamics 365 JDBC driver by default. You can set up connectivity using User Level OAuth orRefresh Token OAuth.

You must obtain the following client information and endpoints to authenticate connection to a Microsoft Dynamics 365 service.

  • Client ID - the client ID for your application
  • Directory (tenant) ID - the directory ID for your application
  • Client Secret - the client secret for your application
  • Authorization URI - the endpoint for obtaining an authorization code from the Azure authorization service
  • Token URI - the endpoint used to exchange authentication credentials for access tokens
  • Scope - refers to the permissions associated with an application
  • Service URL - the service URL is the REST endpoint of the Dynamics 365 service to which you are connecting

Obtain Application Client Information and Endpoints

  1. Go to the Azure portal.
  2. Select Azure Active Directory.
  3. On the left, select App registrations.
  4. Select the app that you have created.

  5. From the app Overview page, record the ClientID and Directory (tenant) ID.

  6. Obtain your ClientSecret.
    1. Select Certificates & secrets.
    2. Click New client secret.
    3. Enter a description and choose an expiry option.
    4. Click Add.

    5. Copy the ClientSecret to a secure location.

  7. Obtain the authorization URI and token URI endpoints.
    1. Return to the Overview page for your application.

    2. Click Endpoints to display authorization and token endpoints associated with the application.

  8. Obtain the Scope.

    Scope refers to the permissions associated with an application. Scope is determined by your Microsoft Dynamics 365 administrator. If the Microsoft Identity Platform (v2) is being used to provision users and manage application access, then scope must be specified using the Scope property when retrieving the OAuth tokens necessary for connecting to a Dynamics 365 service.

    The value of the Scope property may consist of an OAuth scope or a space-separated list of OAuth scopes. The following syntax applies to each scope specified by the scope property:

    resource_uri/scope_name offline_access

    Where:

    • resource_uri is the URI for your Dynamics 365 instance and is found at the start of the ServiceURL. For example, https://mywebinstance.api.crm.dynamics.com is the resource URI for the Service URL https://mywebinstance.api.crm.dynamics.com/api/data/v9.1/.
    • scope_name is the name of a scope being enforced against the Dynamics 365 service.
    • offline_access is a scope that enables prolonged access to resources on behalf of a user. This scope must be included if you are retrieving a refresh token.

    The following example shows a scope for a Dynamics CRM instance with the user_impersonation and offline_access scopes:

    Scope=https://mywebinstance.api.crm.dynamics.com/user_impersonation offline_access

  9. Obtain the Service URL.

    The service URL is the REST endpoint of the Dynamics 365 service to which you are connecting. The service URL is specified with the ServiceURL property. For example:

    ServiceURL=https://mywebinstance.api.crm.dynamics.com/api/data/v9.1/

    1. Log into the Microsoft Dynamics 365 to which you are connecting.
    2. From the application drop-down, select Settings > Customizations.
    3. Click Developer Resources.

    4. Under Instance Web API, locate the service URL in the Service Root URL field.

 

Related Articles

KB485063: Troubleshooting the MicroStrategy Dynamics 365 connector in MicroStrategy