How to setup ClientID & Secret Authentication

This guide contains step-by-step instructions to create a ClientID and Client Secret, and then how to give that Client access to your Dynamics 365 instance.

Creating a ClientId & Client Secret

Follow these steps:

1. Go to https://portal.azure.com
2. Log in using an account with administrator permission.
3. In the Azure portal, Expand the Portal Menu and select "Microsoft Entra ID" → App Registrations → New Registration
4. In the "Register an application" page, enter your application's registration information,
   1. Enter a suitable App Name
   2. Select Accounts in any organizational directory (Any Azure AD directory - Multitenant) option from the Supported account types
   3. Set RedirectURI (optional) to Public client/native (mobile & desktop).
   4. Click Register to create an application.
5. This will bring you to the app overview page. Here, hover over the Application (client) ID value, and select the Copy to clipboard icon to copy the value and save as you'll need this later.
6. Now, Set API Permissions:
   1. Select the API permissions tab from Portal Menu
   2. Click on Add a permission.
      

   3. Select Dynamics CRM from the Microsoft APIs tab.

   4. Click on Delegated Permissions and check the user_impersonation permission
      

   5. Click on Add Permissions at the bottom. 

7. Next, we must generate a Client Secret for the App. In the App click on Certificates & Secrets. Click on New Client Secret.
   

8. Now, provide a name and choose Expire duration and click Add.

9. Copy the Client secret value as You will need to share it with DQ

Those are the steps to complete the registration of your application in Azure Active Directory.

Granting access to your Dynamics 365 Instance

1. Sign in to the Power Platform admin center (https://admin.powerplatform.microsoft.com/environments)  as a System Administrator. 
2. Select Environments, and then select an environment from the list. 
3. Select Settings. 
4. Select Users + permissions, and then select Application users. 
5. Select + New app user to open the Create a new app user page. 
6. Select + Add an app to choose the Azure AD application that was created.
7. Choose which Business Unit this user will be a part of.
8. Select the Security roles for the new user by selecting the Edit (Pencil) Icon.
    

   Note: The actual role needed will depend on your organizational structure and how your security roles have been configured.
   But you will need a role that has Read, Update, and Merge Privileges on all the tables you wish to deduplicate as well as the Impersonate privilege in order to access personal views.
   
   Typically we recommend assigning the "System Administrator" role to begin with and then changing to a different security role later on once everything has been confirmed working.

   
9. Click Save

Your ClientID and Secret will now have access to your Dynamics 365 Instance.