How to get your OAuth 2 credentials for Microsoft Dynamics 365
October 29, 2024
This guide explains how to obtain your OAuth 2.0 credentials and configure API permissions for Microsoft Dynamics 365 business applications in Microsoft Entra ID (formerly Azure Active Directory).
Background
Business applications in Microsoft Dynamics 365 use Microsoft's identity platform, Entra ID, for secure authentication. By registering your application on it, you establish a trusted connection that allows Unified.to to access Dynamics 365 data through Microsoft Graph (Microsoft's gateway to data and intelligence in Microsoft 365) and other Microsoft APIs. This works through:
- Delegated access: Your application acts on behalf of the signed-in user, with permissions granted by both the administrator and the user
- OAuth 2.0 credentials: These consist of a client ID (which identifies your application) and a client secret (which serves as your application's password)
- Permissions: Specific capabilities your application requests, which must be approved by an administrator
For more information, see: What is the Microsoft identify platform?
Before you begin
Ensure you have:
- Access to the Microsoft Entra admin center (entra.microsoft.com)
- Administrator access to Microsoft Entra ID
Register your application
You'll first need to register an application in the Microsoft Entra admin center. This process will provide you with a client ID and client secret.
- Sign in to the Microsoft Entra admin center
- Navigate to the App registrations page- Select Applications from the left sidebar
- Click App registrations
- Click New registration 
 
- Configure your application- Enter a meaningful name (i.e. your product name)
- Under Supported account types, select Accounts in any organizational directory (Any Microsoft Entra ID directory - Multitenant)
- In the Redirect URI section:- Select Web as the platform
- Enter https://api.unified.to/oauth/codeas the redirect URI (or our EU URL)
 
- Click Register 
 
Get your Microsoft Dynamics 365 client ID and secret
- Retrieve your client ID- On your application's overview page, locate the Application (client) ID
- Copy this value - this is your client ID 
 
- Create a client secret- In the left menu, select Certificates & secrets
- Under Client secrets, click New client secret 
- Provide a description (optional, but helpful for tracking)
- Make sure that the expiration field is set to its maximum value
- Click Add
- Immediately copy the secret Value (not the secret ID) - Important: Store this value securely - you won't be able to view it again after leaving this page
 
 
Configure Dynamics 365 API permissions
- Set up required permissions for Microsoft Graph. These will be used to obtain information about your users.- In the left menu, click API permissions
- Click Add a permission
- Select Microsoft Graph
- Choose Delegated permissions
- Search for and add the following OpenID permissions:- openid
- email
- offline_access
 
- Click Add permissions 
 
- Set up required permissions for the business application you are building under Microsoft Dynamics 365:- From the API permissions screen, click API permissions again
- Under More Microsoft APIs, select the business application category you are building
- If you're using Dynamics Sales, then select Dynamics CRM
- If you're using Dynamics Customer Engagement, then select Customer Insights
 
- Choose Delegated permissions
- Search for and add the following OpenID permissions:
- user_impersonation(required for basic access)
 
- Click Add permissions
 
Enter your Microsoft Dynamics 365 credentials on Unified.to
- Go to https://app.unified.to/integrations/ and search for the integration you're using
- Enter your client ID and client secret from the steps above
- Save your changes
Congratulations, you can now use the Microsoft Dynamics 365 integration in your application.
Happy building!