Tutorial: Register an app with Azure Agile Directory

  • Article
  • 2 minutes to read

This tutorial describes how to register an awarding with Azure Active Directory, which enables a user with Ability Apps user business relationship to connect to their Microsoft Dataverse surround from external customer applications using OAuth hallmark.

Of import

Power Apps also provides you with Server-to-Server (S2S) hallmark choice to connect to Dataverse environment from external applications and services using the special application user account. S2S hallmark is the common way that apps registered on Microsoft AppSource use to access the data of their subscribers. More than information: Build web applications using Server-to-Server (S2S) authentication.

App registration in Azure Active Directory is typically done by ISVs who want to develop external client applications to read and write information in Dataverse. Registering an app in Azure Active Directory provides you with Awarding ID and Redirect URI values that ISVs can use in their customer awarding's authentication code. When end users employ the ISV's awarding for the first time to connect to their Dataverse environment past providing their Dataverse credentials, a consent class is presented to the finish user. After consenting to use their Dataverse account with the ISV's application, end users tin connect to Dataverse surround from external application. The consent form is non displayed again to other users after the first user who has already consented to use the ISV's app. Apps registered in Azure Agile Directory are multi-tenant, which implies that other Dataverse users from other tenant can connect to their environment using the ISV'southward app.

App registration can also be washed past an application developer or individual user who is building a client application to connect to and read/write data in Dataverse. Use the Application ID and Redirect URI values from your registered app in your client awarding's authentication lawmaking to be able to connect to Dataverse surround from your client application, and perform the required operations. Notation that if the app is registered in the same tenant every bit your Dataverse environment, you won't exist presented with a consent form when connecting from your client awarding to your Dataverse environment.

Prerequisites

  • An Azure subscription for application registration. A trial business relationship volition besides work.

Create an application registration

  1. Sign in to the Azure portal using an account with administrator permission. You must use an account in the same Microsoft 365 subscription (tenant) equally you intend to register the app with. Yous tin also access the Azure portal through the Microsoft 365 Admin center by expanding the Admin centers detail in the left navigation pane, and selecting Azure Active Directory.

    Note

    If you don't have an Azure tenant (account) or you do accept 1 but your Microsoft 365 subscription with Dataverse is not available in your Azure subscription, post-obit the instructions in the topic Set up Azure Agile Directory access for your Programmer Site to associate the two accounts.

    If you don't take an account, you tin sign up for one past using a credit menu. Notwithstanding, the account is free for application registration and your credit card won't exist charged if you only follow the procedures called out in this topic to register one or more than apps. More data: Agile Directory Pricing Details

  2. In the Azure portal, select Azure Agile Directory in the left pane and select App registrations and click on New registration.

    Azure App Registration.

  3. In the Register an awarding page, enter your application's registration information:

    • In the Name section, enter a meaningful application name that will be displayed to the users.

    • Select Accounts in any organizational directory option from Supported account types department.

    • Set the Redirect URI.

    • Click on Annals to create the awarding.

      New App registration page.

  4. On the app Overview page, hover over Application (client) ID value, and select the Copy to clipboard icon to copy the value as you'll need to specify this in your awarding's authentication code or app.config file where advisable.

    Copy application ID.

  5. Select Manifest tab, in the manifest editor, set the allowPublicClient* belongings to true and click on Save.

    App registration Manifest.

  6. Select API permissions tab, click on Add a permission.

    Add app permission.

  7. Search for and choose Dataverse under the APIs my organization uses tab. If "Dataverse" is not institute, and then search for "Common Data Service".

    Select API.

    Tip

    If you are presented with more than i Mutual Data Service item in the search list, choose whatsoever i of them. In the side by side step the service proper noun and URL will exist shown. At that betoken you can go back to the API search and choose a unlike Dataverse list item if needed.

  8. Click on Delegated permissions and check the options and click on Add permissions.

    Delegate Permissions.

    Note

    A hereafter revision of the grade in step #8 will replace the Dynamics CRM logo and icon with Dataverse.

This completes the registration of your awarding in Azure Active Directory.

Additional configuration options

If your application volition exist a Unmarried Page Awarding (SPA) that depends on CORS you must configure the app registration to support the implicit flow. More data: Tutorial: Registering and configuring a SPA application with adal.js

If your application volition back up server-to-server connections, see Employ Multi-Tenant Server-to-server authentication

Run across also

Application registration in Azure Active Directory
Authenticate Users with Dataverse Web Services