Obtaining access and refresh tokens using the Configuration Manager
Note: The Configuration Manager is currently supported only on Windows platforms.
You need the following information before you begin.
Service URL: The REST endpoint of the Dynamics 365 service to which you are connecting
Authorization URI: The endpoint for obtaining an authorization code from the Azure authorization service
Token URI: The endpoint used to exchange authentication credentials for access tokens
Client ID: The client ID for your application
Client Secret: The client secret for your application
Scope: An OAuth scope, or a space-separated list of OAuth scopes, which specifies the permissions that limit application access to the Dynamics 365 service. Scope is required if you are using the Microsoft Identity Platform (v2) to provision users and manage application access.
The following steps describe how you can use the Progress DataDirect Dynamics 365 Configuration Manager to obtain access and refresh tokens for either the access token flow or the refresh token grant. In addition, the Configuration Manager produces a connection URL that you can use in your application.
Note: You must allow popups in your browser to obtain access and refresh tokens with the Configuration Manager.
1. Open the Dynamics 365 Configuration Manager by selecting the ODBC Administrator from the Progress DataDirect program group.
For detailed information on launching the Configuration Manger, see "Configuring data sources with the Configuration Manger."
2. Set Authentication Method to 0 (OAuth2).
3. Provide the following information in the fields provided.
Service URL
Authorization URI
Token URI
Client ID
Client Secret
Scope (only for Microsoft Identity Platform v2)
If you are using the Microsoft Identity Platform (v2) to provision users and manage application access, the scope must include the offline_access permission to retrieve a refresh token. This permission allows the Configuration Manager to retrieve a refresh token, and, by way of the refresh token grant, provides the application with prolonged access to the Dynamics 365 service. See Determining the scope for details.
4. Retrieve access and refresh tokens.
a. Click Fetch OAuth Token.
b. If logon popup appears, enter Azure Active Directory credentials. (This popup may not appear if you previously logged on.)
c. If consent popup appears, provide consent, allowing the Configuration Manager to retrieve the tokens. (This popup may not appear if you previously provided consent to the Configuration Manager.)
d. The Access Token and Refresh Token fields populate with values retrieved from the OAuth authorization server.
5. Click Test Connect to verify connectivity and run SQL queries against the service.
Results:
The Access Token and Refresh Token fields include access and refresh tokens that you can use to implement OAuth 2.0.
The connection string in the Connection String field may be copied and used in your application to connect with your Dynamics 365 service.
Note:
Not all the values in the resulting connection string are required. However, the connection string can be copied directly to a location a that can be used your application. The driver ignores any values that do not apply to your OAuth implementation.
For example, the refresh token grant connection string, derived from the Configuration Manager, might include the following options.
DRIVER=DataDirect 8.0 Microsoft Dynamics 365;ServiceURL=serviceurl;
AuthURI=auth_uri;TokenURI=token_uri;
ClientID=client_id;ClientSecret=client_secret;
AccessToken=access_token;RefreshToken=refresh_token;
Scope=scope;
However, only the following options are required for a refresh token grant connection string.
DRIVER=DataDirect 8.0 Microsoft Dynamics 365;ServiceURL=serviceurl;
TokenURI=token_uri;ClientID=client_id;
ClientSecret=client_secret;RefreshToken=refresh_token;
Service URL: The REST endpoint of the Dynamics 365 service to which you are connecting