Importance of Application User on Power platform & Dynamics 365

Application user is important factor for authenticate and integrate with dynamics 365/ power platform without required a license user account.

Benefits of Application user

1.           Server-to-server (S2S) authentication possible securely and seamlessly.
2.           To interact with Dynamics 365 data and perform background process without having license.
3.           Possible to build any 3rd party application on dynamics and power platform.
4.        .  Supports and work with MFA enable org. (Multi factor authentication)

 

1.     Register app on Azure

a.     Login on Azure (https://portal.azure.com) & go to “App Registration” and click on “New registration”.

  

                b. Now click on “Certificate & Secret” to generate you client credentials and save it into Notepad securely.  

 

 

c. Now the most important step is to give the API permission, here we want to interact with Dynamics CRM so select & choose this option.

 

 

d. Now make sure to click on Grant admin consent, otherwise application user don’t get access to connect with dynamics environment. 

 

f.      Configuration is complete now scroll up and click on Overview tab & copy the Client ID & Tenant ID.

Here you need to make sure the Client ID, Tenant and secrets must be saved into notepad securely, we need them while connecting custom applications with dynamics 365.

 

 

2.     Create application user on Dynamics 365.

a.     Go to Power Platform admin (https://admin.powerplatform.microsoft.com), choose your org where you want to create Application user.

b.     Now on top ribbon bar click on setting>>User and Permissions >> Application user and then you will be redirected to page.

c.     Click on new user app, on pop up screen search the app name, that you created on azure app register.

 

After that Search the App Name 

d.     Now once you select app then it will be navigated to new screen and ask for to select Business Unite (in my case I preferred root business unite) and & then most importantly do not forget to add security role (here I applied system admin role)

We had done with basic things like creating app on azure & added as a application user in dynamics 365 with valid user role.

Now here will trying a scenario, where I would be connecting a MFA enabled Dynamics org with XRM Toolbox so that seamlessly I will push web-resources into CRM.

 As we know MFA enabled org will not let you to connect with dynamics without approval.

but here the Application user has admin role & other hand the App that had registered on Azure by giving CRM API permissions, it will handle the authentication process securely in background and allow to connect the XRM toolbox with Dynamics crm. Now let see the final steps:

 

3.     Connect XRM Toolbox with MFA (Multifactor authentication) enabled Dynamics 365 environment.    

a.     Now here choose Client Id/Secret.

 

b.     Now provide the Dynamics 365 URL

 

 

Here provided Client id and secret which we have previously copied from azure register app and now we are able to connect XRM Toolbox with MFA enabled dynamics 365 without license.