In order for Dynamics 365 users to create a connection in OSR, an administrator of Dynamics 365 with Azure subscription and admin access to the Active Directory needs to register OneStop Reporting as an external application and allow access in Dynamics 365 Finance and Operations.

This entails a three-step process:

  1. Register a web application with Azure Active Directory
  2. Register the Azure application in Dynamics 365 Finance and Operations
  3. Create a connection to Dynamics 365 in OneStop Reporting portal.

 

The administrator must collect this information before creating a connection to the OneStop Reporting Portal:

  • Authorization URL: Consists of https://login.windows.net/ + your Dynamics domain name (e.g. https://login.windows.net/mycompany.onmicrosoft.com)
  • Token URL: Is URL for your Dynamics 365 installation (e.g. https://mycompany.operations.dynamics.com)
  • Client ID: Application ID in Azure and corresponding Client Id that is registered in Dynamics 365.
  • Client Secret: Value from step 10 in the procedure below (“Register a native application with Azure Active Directory”).

 

Step 1: Register a web application with Azure Active Directory

NOTE: These steps do not have to be completed by all the people in your organization. Only one Azure Service Administrator user can add the application and share the client ID with the developers. Prerequisite: You must have an Azure subscription and admin access to Active Directory.

  1. From the appropriate project in Microsoft Dynamics Lifecycle Services (LCS), open Azure portal.

 

2. In Azure portal, on the Azure Active Directory tab, select Properties, and make a note of the tenant ID in the Directory ID field. You will require the tenant ID later to retrieve an Azure Active Directory (Azure AD) authentication token.

3. On the Azure Active Directory tab, select App registrations, and then select New application registration.

4. Enter a name that identifies the external application that you are registering. For an application that will authenticate by using a shared secret, select Web app / API. In this context, the sign-on URL does not matter. Therefore, use localhost.

5. Select the new application, and copy the application ID. You will require the application ID later to request an Azure AD authentication token. Select Required permissions.

6. Click Add, and then select Select an API.

7. Click Microsoft Dynamics ERP.

 

 

8. Under Delegated permissions, you must select, at a minimum, the following options:

  • Access Dynamics AX Custom Service
  • Access Dynamics AX data
  • Access Dynamics AX online as organization users

  1. Select Done.
  2. Select Keys. In the dialog box that appears, enter a description, set the Expires value to Never expires, and then select Save.

After you have saved the new key, a value appears in the Value column.

IMPORTANT: Make sure that you copy this value, because you will not see it again, and you will require this secret key to complete your OAuth authentication and receive an Azure AD token.

 

Step 2: Register the Azure application in Dynamics 365 Finance and Operations

  1. In Finance and Operations, go to System administration > Setup > Azure Active Directory applications.
  2. Click New.
  3. Fill in the fields for the new record:
  • In the Client Id field, enter the application ID that you registered in Azure AS.
  • In the Name field, enter a name for the application.
  • In the User Id field, select an appropriate service account user ID. For this example, we have selected the admin user. However, as a better practice, you should provide a dedicated service account that has the correct permissions for the operations that must be performed.
  1. Click Save.

NOTE: Click here for more information from Dynamics about these two procedures.

 

Step 3: Create connection to Dynamics 365 in OneStop Reporting Portal

  1. Go to portal.onestopreporting.com.
  2. Click Get Data and click Connection.
  3. Click New.

4. In the Select ERP System dialog box, click Dynamics 365.

  1. In the Connect to Microsoft Dynamics 365 for Operations dialog box fill in the fields:
  • Connection name: Enter a suitable name, such as Microsoft Dynamics 365.
  • Client ID: Application ID in Azure and corresponding Client Id that is registered in Dynamics 365.
  • Client Secret: Value from step 10 in the procedure “Register a native application with Azure Active Directory”.
  • Authorization URL: Consists of https://login.windows.net/ + your Dynamics domain name (e.g. https://login.windows.net/mycompany.onmicrosoft.com)
  • Token URL: Is URL for your Dynamics 365 installation (e.g. https://mycompany.operations.dynamics.com)