Microsoft Dataverse Connector

Hi ​@rvgfox 

I will make a proper guide eventually, but I am myself stuck at a step the two customers/partners I helped get this working for.

Essentially you need to add your app added in powerapps for it to be able t do Client_Credentials authentication.
I got this from one who got the app set up correctly.

1. Check Service Principal Permissions

Ensure that the service principal (the app you're using) has the necessary permissions to access the Dynamics 365 environment.

• In Azure Active Directory (Azure AD), go to Enterprise applications > Your App > Permissions.
• Verify that the app has the correct API permissions for Dynamics 365 (e.g., user_impersonation for Dynamics).

2. Check the Organization’s Access

Make sure that the service principal is registered in the correct Azure AD tenant where the Dynamics 365 instance is located.

• If the Dynamics 365 instance belongs to another tenant, ensure that the service principal has cross-tenant access.
• You may need to assign the service principal as a user or application in the Dynamics environment.

3. Check User Role in Dynamics 365

If you're using a user account to access the Dynamics 365 API, ensure the user has the correct role assigned.

• In Dynamics 365 > Settings > Security > Users, confirm that the user has an appropriate role, such as System Administrator or a custom role with API access.

4. Confirm the API Scope

• Ensure that the scope parameter URL matches the required permissions for your Dynamics 365 instance. The URL:

  bash

  Copy

  Edit

  https://org0f38c640.crm4.dynamics.com/.default

  appears correct, but verify that the instance is properly configured.
• Also, confirm that you're using the correct tenant ID in your requests. The tenant in your token request must match the Dynamics 365 environment's tenant.

5. Ensure the User is in the Right Tenant

If you're using a multi-tenant application, make sure the user or service principal is in the same tenant as the Dynamics 365 instance.

• If using a user account, you may need to invite the user to the tenant or add them to the appropriate security group.

6. Grant Permissions to the Service Principal in Dynamics 365

If you're using a service principal (app), you need to grant it permissions in Dynamics 365:

• Go to Power Platform Admin Center or Dynamics 365 Admin Center.
• Assign the app to the appropriate roles (e.g., Environment Maker).

7. Admin Consent

Ensure that your app has received admin consent to access the necessary resources.

• Without admin consent, the app cannot authenticate or access data in Dynamics 365.

After troubleshooting, I discovered that there was no application user for our app in Dynamics 365.

So, I:

1. Created an application user for our app in the Azure portal.
2. Set the business unit to org0f38c640.
3. Assigned the System Administrator security role to the application user.

The above is based on what this guide is about.

https://community.dynamics.com/blogs/post/?postid=92f21150-5627-4457-afa2-bb9e8ad786f8

Once this part is done, you can gain access to Dataverse using our own TX ODATA data source.

Here is how it is set up.

You need to find your organisation id.

I found it here https://make.powerapps.com

The Instance URL is what you use for the scope, where you add {Organisation URL}.default, it is what is used as the base URL with {Organisation URL}api/data/v9.2/ and for the Metadata discovery URL {Organisation URL}/api/data/v9.2/$metadata

You can click on the Configure button to see all the available endpoint once you have set up working authentication and mapped the data source.