Показать сообщение отдельно
Старый 22.09.2016, 06:12   #1  
Blog bot is offline
Blog bot
24,425 / 822 (76) +++++++
Регистрация: 28.10.2006
stoneridgesoftware: How to Configure Access for Scribe Online for Dynamics AX 7 Integration
Источник: https://stoneridgesoftware.com/how-t...7-integration/

I was recently working with a client where we had deployed Dynamics AX 7. One of the initiatives was to enable integration between Dynamics AX7 (The New Dynamics AX) and Scribe Online. Scribe Online has a variety of platforms where it can help enable integration. My client needed to setup integration between CRM Online and Dynamics AX7.

There are two pieces to enabling integration between Dynamics AX 7 and CRM online. The first piece is setting up the connecting agent and depending on your scenario it may be an On-Premise agent or it may be a Cloud agent. For the integration I was doing, it was a Cloud agent. The initial setup was almost a breeze, however, there was a key field that required a little additional work to get the integration working correctly.

Setting up a connection from Scribe to Dynamics AX

First, a connection to Dynamics AX was required, to do this the following steps were done:
  1. Create a New Connection in Scribe
  2. Select Microsoft Dynamics AX as the Type and then enter the following bits of information:
Connection name — I typically name it for the environment.

Connection alias — Alias for Connection name (I typically name it the same as above w/o spaces).

Block color — A nice color coding option used for a visual reference to distinguish connections.

OData Service URL — The address of any acceptable URL where the OData service is located. This URL must end in /data.

User — The name of the user who has rights to access OData.

Password — Dynamics AX7 authorized user that can access the oData feed.

Client Id — The GUID that identifies the client in the Dynamics AX system.

Authentication URL — The URL where the Client Id is verified which is the Microsoft Tenant URL: http://login.microsoftonline.com/DomainName

Here is what an almost configured connection looks like:

How to Configure the Client ID

The missing piece and the purpose of this blog is to explain and show how to configure the Client Id.  The Scribe Online documentation was pretty vague as to what or how to get the Client Id. Here is directly from the Scribe Online help Client Id — The GUID that identifies the client in the Dynamics AX system.

Ok, so that’s not very helpful, what is helpful to know is that Dynamics AX7 has 2 types of authentication mechanisms which are:
  1. User Authentication
  2. Services Authentication (OAuth)
User authentication looks like this:

And acts like this:
  • The User authenticates against their AAD
  • The User presents a set of claims to AX (claims based authentication)
  •  Instead of a windows token (like on-premise AD) a user presents a set of claims saying my name is so and so and I belong to this tenant and this tenant has a subscription of AX.
  •  The Dynamics AX7 security subsystem says, all right, I’m going to verify your claims and look to see if you’re a valid user.  If you’re a valid user, I’m going to look at all the security rules that are associated with you and then I’m going give you access to the system.
Service authentication, on the other hand, looks like this:

And acts like this (the part in red we will come back to in a minute):
  1. User authenticates, creates user agent in AAD and consents to service(s) access
  2. The client receives Authorization code (Client ID)
  3. Now, the client can request access to resources with the authorization code
  4. AAD verifies authorization code and passes the client back an Access token
  5. The client now requests data from Dynamics AX7 with the Access token
  6. Hopefully the client now receives the data
On a side note, OData Services, JSON-based Custom Service, and REST Metadata Services all support standard OAuth 2.0 authentication.

This part is critical to understand as this is the missing link.  Scribe Online is a service that needs to access Dynamics AX without a user being present (it’s a service and as such will follow service authentication).

To get scribe the Authorization code (Client Id) what is required is the following:

  • Click on your Domain

  • Click on Applications

  • Click Add

  • Select Add an application my organization is developing

  • Provide a name for the application and select Native Client Application

There are two kinds of application are supported in Microsoft Azure Active Directory (AAD):
  1. Native client application – This flow uses a user name and password for authentication and authorization.
  2. Web application (Confidential client) – A confidential client is an application that can keep a client password confidential to the world. The authorization server assigned this client password to the client application.
  • Enter a URI (doesn’t matter) and click the check mark to complete the setup.

  • You will land on the application page, click configure

  • Here you will find the golden goose, the Client Id!

  • Continue to scroll down to the bottom to permissions to other applications
  • Click Add application and select Microsoft Dynamics ERP then click the check mark in the lower right-hand corner

  • When you return to the application page, select Microsoft Dynamics ERP and in the drop down select all check boxes

You are now set to go back into the Scribe Connector and paste in the Client ID!
  • Once you have completed this, the only remaining piece is configuring Scribe Online to connect to Dynamics CRM online. The previous connection was for connecting Scribe Online to Dynamics AX.

Hopefully, this will help understand why you need the client ID and where you can get it from.

Источник: https://stoneridgesoftware.com/how-t...7-integration/
Расскажите о новых и интересных блогах по Microsoft Dynamics, напишите личное сообщение администратору.