-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to authenticate Multi Server URLs Using one azure Application credentials. #124
Comments
HI Ebrahem, while it's possible to create a multi-tenant app registration in your tenant, to get access to Dataverse in a different tenant, a consent needs to be granted + app user created anyway so the process is pretty much the same. Yes, of course you can automate creation of the app id and secret. See https://learn.microsoft.com/cli/azure/ad/sp how to create a service principal (that's the one you want) using Azure CLI. If you want to complete the entire process including registering a user in Dataverse and assign roles then consider using PowerShell version https://learn.microsoft.com/powershell/azure/create-azure-service-principal-azureps together with https://github.com/seanmcne/Microsoft.Xrm.Data.PowerShell to manipulate Dataverse data. (Note that you can create credentials but not retrieve them.) Hope it helps |
Hello @georged, Thanks for the quick respond. I will read the articles you mentioned but let me ask another question, |
For multi-tenant app registration? In theory, yes, but you still need a consent / registration from the tenant administrator. |
Consent from client side, so he gotta approve first if i can access his data or not. |
Even before accessing the data... Accessing data in Dataverse is governed separately by app user roles. |
Hello @georged
Thanks for sharing this package on GitHub,
I am using your package to allow my clients authenticate Using Username, Password ( deprecated now ) and use their Server URLs ,
Now to do the same you must register application in azure portal and authenticate using ( App ID, Secret ID ) it's more secure but this way is not clear and a little confusing for our clients to do.
1- So How can I make One Azure Application for my company and authenticate any Server Url for any client and use his data, is that doable ?
if not:
2- Is there a way to make it easier for clients like registering Azure application for them and get their credentials by using endpoint for example? OR Is there any service that allows me to authenticate for them using one credentials (mine).
Thanks @georged
Regards,
Ebrahem
The text was updated successfully, but these errors were encountered: