Step-by-Step Guide to Azure App Registration Process

Introduction:

Azure App Registration is a crucial step when developing applications that integrate with Azure services. It allows your application to authenticate and access resources securely within the Azure ecosystem. In this blog post, I will provide a comprehensive, step-by-step guide to the Azure App Registration process, helping you understand the necessary steps to register your application.

App registration is required for a lot of purposes in D365FO, for example

1.    To set up Warehouse mobile

2.    Setup out of box Power BI report

3.    Postman configuration

4.    Various integration scenarios

 

Prerequisite: Just one, get the admin account and use the same account for all the steps, this account should have access to D365FO as well.  (I know it's not mandatory but I would recommend this.)

Step 1: Access the Azure Portal:

To begin the Azure App Registration process, log in to the Azure Portal (https://portal.azure.com) using your Azure account credentials. Once logged in, you'll have access to the Azure dashboard.

Step 2: Navigate to Azure Active Directory:

From the Azure dashboard, locate and select "Azure Active Directory" from the list of available services. Azure Active Directory is a comprehensive identity and access management solution provided by Microsoft. (To make sure you choose the right directory).

Step 3: Choose "App Registrations":

Within Azure Active Directory, navigate to the "App registrations" section. This section allows you to manage all your application registrations. You can search for the same in the top search bar.

Step 4: Click "New Registration":

Click on the "New Registration" button to initiate the app registration process. You will be prompted to provide essential details about your application.

 

Step 5: Fill in Application Details:

In this step, you need to provide the following details:

- "Name": Enter a unique name for your application.

- "Supported account types": Choose the appropriate account type (such as "Accounts in this organizational directory only" or "Accounts in any organizational directory"). Mostly it will be within the same organization.

- "Redirect URI": Specify the URI where Azure will redirect users after authentication. This is typically the URI of your application. In our case, it will be the URL of D365FO environment.

Step 6: Register the Application:

After providing the necessary details, click on the "Register" button to create the application in Azure. Azure will generate a unique "Application (client) ID" that you will need to use during the development and configuration of your application.

 

Step 7: Configure API Permissions:

To access Azure resources from your application, you need to grant it appropriate permissions. In the app registration page, navigate to "API permissions" and click on "Add permission." Here, you can select the APIs and permissions required for your application. This section is used if you are going to use this for Power BI.

 

Step 8: Grant Admin Consent:

Once you have configured the necessary API permissions, you need to obtain consent from an Azure administrator. Click on the "Grant admin consent for <your organization name>" button to initiate the consent process.

 

Step 9: Generate Client Secrets:

If your application requires a client secret, such as when using the OAuth 2.0 client credentials flow, navigate to the "Certificates & secrets" section within the app registration page. Here, you can create and manage client secrets securely. Copy the value securely as it will not visible after this step and you need this for most of the applications eg. the Warehouse mobile app, and Power BI configuration.

 

Step 10: Application Configuration (Optional):

After completing the app registration process, you can configure additional settings specific to your application, such as branding, authentication options, and more. Explore the app registration page and adjust the settings as per your requirements.

 

Conclusion:

The Azure App Registration process is a vital step when building applications that integrate with Azure services. By following this step-by-step guide, you can successfully register your application in Azure Active Directory, configure necessary permissions, and obtain the required credentials for secure authentication and access to Azure resources. Properly registered applications can take advantage of various Azure services and APIs while ensuring a streamlined and secure development process.

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

Azure Key vault parameter setup in D365FO

Hi Folks, 

In this post, I am going to share how to configure Azure key vault parameters in Dynamics 365 Finance and Operations  (Let's call it FinOps until we have a new name from Microsoft :) ).

First, let's understand what the use of this form is, This is primarily used for integration scenarios where a business needs to save sensitive data like security keys or certifications and a functionality or application working with this data must support data encryption, working with certificates, etc. As the cloud version of Microsoft Dynamics 365 for Finance and Operations doesn't support local storage of certificates, customers need to use key vault storage in this case. The Azure Key Vault provides the opportunity to import cryptographic keys, and certificates to Azure, and to manage them.

Now let's see some prerequisite steps, 

1. Create a key value on the Azure portal and note the Value URI. This is available on the overview tab.

2. Add your certificate, Secrate, and keys.

3. On the Azure portal, do an app registration and store the client Id and secret key.  

4. Now navigate to D365FO > System admin > Setup > Key Vault Parameters

5. Create a new record and fill below details

6. On the certification tab, add below for each certificate 

Name

Description

Secret – Enter a secret reference to the certificate in the below format

vault://<KeyVaultName>/<SecretName>/(Version if any)

Secret Type: Certificate

7. Click on Validate button to check the setting. 

That is all, now you should be able to access this certificate in your code, here is a sample code to access the certificate, 

public class TheAxaptaAccessKeyVault

{

    public static void main(Args _args)

    {

        KeyVaultCertificateTable    kvcTable;

        str                                        value

         kvcTable  = KeyVaultCertificateTable::findByName("TestKeyVault");

        value         = KeyVaultCertificateHelper::getManualSecretValue(certTable.RecId);

        info(value); //This will give you stored in the certificate. 

}

Cheers!!!

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

Unable to restore database into DEV/Tier-1 instance

Hi Folks, 

When trying to restore a DB backup (.bak file) to one of the DEV boxes I was getting a strange error (initially it was strange :) ). The backup file was the size of about 50GB and I have disc space available of about 400GB but still, system was reporting issues for size. 

Possible reason: When we create a backup from SQL management studio, it contains only the used data pages and the backup file can be compress, while the actual database can be much larger then the backup file itself.

Solution: To verify the actual size of database, you can right-click on the database (at source) and check the properties, you will get the actual size of the Database itself. Now when you have the required size details with you, just make sure you have the space available in target system. 

Now, as the dev box is hosted on your Azure subscription, you have much more control over this. You can change the disk size from Azure portal. 

Cheers!!!

-Harry 

Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

More about Bicep

Hi Folks, 

Hope you had a great Christmas time and enjoying your holiday time to get ready for the New year. 

Sometime last year Microsoft started promoting Bicep as a new tool (language) for Logic app development, if you haven't read my post on that, pl follow the below link. 

Lets make Bicep(s) now

Now its been enough time and Microsoft really come up with a lot of good documentation and real-time example to use bicep to design your solution. Below are some useful links to explore more about bicep, 

1. Install Bicep tools

2. Decompiling ARM template JSON to Bicep

3. Comparing JSON and Bicep for templates

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

Important website links for Azure

Hi Folks,

Here are a few important links that may help while working on Azure services.

Ø Azure for student: Free Azure credit for Azure services

Ø Free Azure account for demo and learn

Ø Azure status - Microsoft Azure: To check different azure services region/data center status. 

Ø  Logic Apps pricing: Azure Logic app pricing.

Ø Azure Latency Test: Azure services latency test.

OOverview of Azure security benchmark 

Ø Azure Speed Test 2.0: Measuring the latency from your web browser to the Blob Storage Service in each of the Microsoft Azure Data Centers.

Ø Sizes for virtual machines in Azure: Details of available sizes and options for the Azure virtual machines you can use to run your apps and workloads.

Ø Linux Virtual Machines Pricing:

Ø Azure products: All Microsoft Azure services landing page.

Ø Cloud Services pricing

 

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta