Looking for PowerObjects? Don’t worry, you’re in the right place! We’ve been part of HCL for several years, and we’ve now taken the final step in our acquisition journey: moving our website to the HCL domain. Nothing else is changing – we are still fanatically focused on Microsoft Business Applications!

PowerObjects Blog 

for Microsoft Business Applications


Enabling Modern Authentication in your PowerPack Add-Ons

Post Author: Joe D365 |

With Microsoft enforcing modern authentication, you may have been wondering how your PowerPack add-ons will authenticate moving forward.

As you may have heard from us before, automated data processing is not compatible with user accounts where multi-factor authentication (MFA) is enabled, as MFA is designed to be used where the user is directly interacting with an application while it is running. Due to the automated nature of the cloud components of our PowerPack add-ons, the authentication for these applications will happen often and at times when a user may not be available to respond to a prompt.

We realize this is not practical, and our team has been working hard to develop and test updates to our cloud infrastructure that will support more advanced authentication mechanisms that do not require MFA as a security measure.

And with that, we are pleased to bring you ServertoServer authentication for our PowerPack add-ons!

Why this is important

From November 9th onwards, PowerPack add-ons will be supporting ServertoServer authentication (recommended and supported for CRM online) along with IFD authentication (supported for on-premises) for these add-ons:

  • PowerEmail
  • PowerConstantContact
  • PowerMailChimp
  • PowerSMS
  • PowerSurveyPlus
  • PowerWebForm
  • PowerWebTraffic

If you are on version 9.1.0.23474 or above of Dynamics 365, you will not be able to authenticate using username and password at all. Instead, you will be required to use ServertoServer authentication, as Microsoft turned off authentication using App password starting with this version.

Prerequisites to Using ServertoServer Authentication

To use ServertoServer authentication in your add-on, an online CRM deployment is required, and you will need to upgrade to the latest version of the add-on released to the website. These solutions will start to be released on November 9, 2020. Check the add-ons “change log” on the respective webpage to confirm that the version supports ServertoServer authentication. If you have any questions, please reach out to powerpackpro@hcl-powerobjects.com.

Configuration of ServertoServer Authentication in PowerPack Add-ons

Part 1: Create App Id and App Secret in Azure Tenant

Login to https://www.portal.azure.com with the same credentials as your Dynamics 365 tenant.

Note: Make sure you have access to create Active Directory app registration in Azure Portal.

1. Navigate to Azure Active Directory

2. Navigate to App registrations à New registration

3. Fill in the values for a, b, and c as shown below:

  • Name: ‘ServertoServer Authentication for PowerPack AddOn’ or any name of your choice.
  • Supported account types: Single Tenant
  • Redirect URI: ‘Web’ – https://<CRMOrgName>.com/auth

4. Click on Register.

Once the registration is successful, you will be redirected to it.

5. Create the app Secret by navigating to Certificates & secrets à New client secret

  • Description: ‘Secret for ServertoServer Authentication for PowerPack AddOn’ or any name of your choice
  • Expires: You can set ‘Expires’ field according to your choice.
  • Note: If you set expiry of the secret to 1 year or 2 years, you will need to follow this procedure again after expiration.

6. Once the secret is added, it can be copied as follows:

Step 2: Create a user in CRM

1. Create a new Application User as follows:

  • Sign in to https://admin.powerplatform.com as a System Administrator.
  • Select ‘Environments,’ and then select the correct environment from the list.
  • Select Settings.
  • Select ‘Users and permissions,’ and then select Application users.
  • Select ‘+New app user’ to create New app user or +Setup app user if you don’t have any app users yet.
  • Select 'Add an app' under the 'App' field on the right hand side panel and select the app registration you just created.
  • Select the correct business unit on the righthand side of the page.
  • Click on the edit button to add the relevant PowerPack app user role as well as either the system admin role or another out of the box security role such as Sales Person.
  • Click on ‘save’ and ‘create.'
  • Once this is done, you can go back to the PowerPack configuration page, and enter in the app registration information (App ID, App Secret, Tenant ID). Click on save, and test credentials to ensure it is successful.

Part 2: Configuration of PowerPack to use ServertoServer Authentication

1. Navigate to the configuration Page of the PowerPack

2. Click on Authentication tab

3. For Authentication Method, select ServertoServer (Recommended)

4. Application Id: Navigate to the App Registration created in Part 1and copy Application (client) ID

Reference:

5. App Secret: This is the ‘Value’ of the Secret created in Part 1:

Example:

6. Tenant Id: Directory (tenant) ID

Reference:

7. Click Save.

You are all set! Happy Power Packing!

Joe CRM
By Joe D365
Joe D365 is a Microsoft Dynamics 365 superhero who runs on pure Dynamics adrenaline. As the face of PowerObjects, Joe D365’s mission is to reveal innovative ways to use Dynamics 365 and bring the application to more businesses and organizations around the world.

Leave a Reply

Your email address will not be published.

PowerObjects Recommends