Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Description
Excerpt |
---|
Let's set up AAD authentication |
Overview
Table of Contents | ||||||
---|---|---|---|---|---|---|
|
1. Limitations
Barcode login is not suited for use with AAD as it will require two barcodes and generally lacks security.
2. Prerequisites
- This guide only applies to Business Central Online
An Administrator user account associated with the Customers Business Central environment
- Extension version MOB5.18
- Android App 1.5.0
3. Creating Microsoft Azure App Registration
To access Business Central using AAD authentication, you must grant client access to this service.
- Log into https://portal.azure.com using an administrator user associated with the Customers Business Central environment
- Navigate to “Azure Active Directory” -> “App registrations”:
- Select “New registration” and name it Mobile WMS
Go to Redirect URI (this step is NOT optional)
Select “Public client/native (mobile & desktop)”
Enter this URI: https://businesscentral.dynamics.com/
Select “Register”
4. Configuring the Application Registration
- Navigate to “API permissions”
- Select “Add a permission”
- Select "Dynamics 365 Business Central"
- Select "Delegated permissions"
- Select “user_impersonation”
5. Gathering Information
This section outlines how to gather the data required for the mobile devices to connect using AAD.
Tasklet Factory needs the following data from you:
TenantId
ClientId
Soap URL
Info | ||
---|---|---|
| ||
If TenantId is not a part of the Soap URL, ite means that the App Registration has been set up in the wrong AAD |
Get ID's
- Navigate to "Azure active directory"
- Select "Manage"
- Select "App registration"
- Select the new App registration
- Please copy and save the values marked in red
Get theClient ID
Get the Tenant ID
Get Soap URL
- Log into Business Central
- Go to Web services page and
- Find the entry for MOB WS Dispatcher
- Please copy the SOAP URL field
6. Updating Mobile Configuration
Using the Service Desk please send us the TenantId, ClientId and Soap URL on the project ticket or raise a new ticket
or
if this is for your own partner device, see below and just fill in the info in the placeholders for Tenant ID, Client Id + Soap URL.
Example and Template for Start.cfg -file
Modify in the red marked sections with the gathered information.
<!-- ENDPOINTS -->
<endpoints>
<endpoint id="01" displayName="D365BC" protocol="classic" type="D365BC"
address="Soap URL">
<azureConfiguration authority="https://login.windows.net/TenantId/oauth2/authorize?resource=https://api.businesscentral.dynamics.com" clientId="ClientId" returnUri="https://businesscentral.dynamics.com/"/>
</endpoint>
</endpoints>
7. Troubleshooting Login Issues
Next
Excerpt | ||
---|---|---|
| ||
Login using Azure Active Directory (AAD) authentication. |
Overview
Page Tree | ||||
---|---|---|---|---|
|