May 19, 2023

Configuring Azure Key Vault Parameters in Dynamics 365 Finance and Operations

Configuring Azure Key Vault Parameters in Dynamics 365 Finance and Operations

Configuring Azure Key Vault Parameters in Dynamics 365 Finance and Operations

Introduction:

In this blog post, I will guide you through the process of configuring Azure Key Vault parameters in Dynamics 365 Finance and Operations (referred to as FinOps). This configuration is particularly useful for integration scenarios where sensitive data, such as security keys or certifications, needs to be securely stored. By leveraging Azure Key Vault, we can ensure data encryption and proper management of cryptographic keys and certificates.

Prerequisite Steps:

Before we dive into the configuration, let's go through some prerequisite steps to set the stage for a seamless setup:

  1. Create a Key Vault: Begin by creating a Key Vault in the Azure portal and make a note of the Value URI, which can be found in the overview tab. This Value URI will be needed during the configuration process.
  2. Add Certificates, Secrets, and Keys: Next, add the necessary certificates, secrets, and keys to your Key Vault. These items are essential for secure data storage and retrieval.
  3. App Registration in Azure: Perform an app registration in the Azure portal and store the generated Client ID and Secret Key. This registration will enable secure communication between Dynamics 365 Finance and Operations and the Azure Key Vault.

Configuration Steps:

Now that we have completed the prerequisite steps, let's proceed with the actual configuration of Azure Key Vault parameters in Dynamics 365 Finance and Operations:

  1. Navigate to D365FO: Go to the D365FO application and access the System Administration module.
  2. Open Key Vault Parameters: Within the System Administration module, locate and open the "Key Vault Parameters" form.
  3. Create a New Record: Create a new record in the Key Vault Parameters form, and fill in the required details for the configuration.
  4. Certification Tab: Switch to the Certification tab within the Key Vault Parameters form. Here, you will add the necessary information for each certificate, including Name, Description, Secret, Secret Type, and Version (if applicable). The Secret field should contain a reference to the certificate in the format: vault://<KeyVaultName>/<SecretName>/(Version if any). Set the Secret Type to "Certificate."
  5. Validate Configuration: Click on the Validate button to ensure the settings are properly configured and functioning as expected.

Code Example:

To demonstrate how to access the configured certificate in your code, consider the following sample code snippet:

public class TheAxaptaAccessKeyVault
  {
      public static void main(Args _args)
      {
          KeyVaultCertificateTable kvcTable;
          str value;

          kvcTable = KeyVaultCertificateTable::findByName("TestKeyVault");
          value = KeyVaultCertificateHelper::getManualSecretValue(certTable.RecId);

          info(value); // This will retrieve the value stored in the certificate.
      }
  }

Conclusion:

Congratulations! You have successfully configured Azure Key Vault parameters in Dynamics 365 Finance and Operations. Now you can securely store and access sensitive data, such as certificates and keys, ensuring the highest level of data protection. Implementing this configuration will greatly enhance your integration scenarios and data security practices within the Dynamics 365 environment.

Happy configuring and coding!

#Dynamics365 #Azure #KeyVault #DataSecurity #Integration #Configuration

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

April 30, 2023

Azure Key vault parameter setup in D365FO

Hi Folks, 

In this post, I am going to share how to configure Azure key vault parameters in Dynamics 365 Finance and Operations  (Let's call it FinOps until we have a new name from Microsoft :) ).

First, let's understand what the use of this form is, This is primarily used for integration scenarios where a business needs to save sensitive data like security keys or certifications and a functionality or application working with this data must support data encryption, working with certificates, etc. As the cloud version of Microsoft Dynamics 365 for Finance and Operations doesn't support local storage of certificates, customers need to use key vault storage in this case. The Azure Key Vault provides the opportunity to import cryptographic keys, and certificates to Azure, and to manage them.


Now let's see some prerequisite steps, 

1. Create a key value on the Azure portal and note the Value URI. This is available on the overview tab.

2. Add your certificate, Secrate, and keys.
3. On the Azure portal, do an app registration and store the client Id and secret key.  
4. Now navigate to D365FO > System admin > Setup > Key Vault Parameters
5. Create a new record and fill below details


6. On the certification tab, add below for each certificate 
Name
Description
Secret – Enter a secret reference to the certificate in the below format
vault://<KeyVaultName>/<SecretName>/(Version if any)
Secret Type: Certificate

7. Click on Validate button to check the setting. 

That is all, now you should be able to access this certificate in your code, here is a sample code to access the certificate, 

public class TheAxaptaAccessKeyVault
{
    public static void main(Args _args)
    {
        KeyVaultCertificateTable    kvcTable;
        str                                        value

         kvcTable  = KeyVaultCertificateTable::findByName("TestKeyVault");
        value         = KeyVaultCertificateHelper::getManualSecretValue(certTable.RecId);

        info(value); //This will give you stored in the certificate. 
}

Cheers!!!

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta