Before we jump into the how-to, we need to understand some basics of how OAuth2 works.
Basically, OAuth2 is one of the authentication methods out there. Its purpose is to validate and authenticate with Azure AD, which decides whether permission to access the app is granted or not. If it is granted, a "TOKEN" is generated.
Now we head to D365 FinOps. In D365 FinOps we have users and all of their security roles, so the users that can call D365 FinOps services (for example OData or custom services) via OAuth 2.0 should only be legitimate D365 FinOps users.
There are some grant_type values for OAuth 2.0 that work with D365 FinOps:
1. Authorization Code: when a user accesses or calls a service, they need to provide login information. (This works with D365 FinOps: just provide the user and password when the Microsoft login window pops up.) The TOKEN is then generated.
Ref: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
2. Password Credentials: the user and password credentials are hardcoded in the call, so there is no login popup window; the TOKEN is generated afterward.
Ref: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc
Other grant_type values seem not to work with D365 FinOps, because they can't provide a legitimate D365 FinOps user in the call parameters.
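The two token requests described above, built (but not sent) against the Azure AD v2.0 token endpoint, as an added example that is not code from the original post. The tenant, client ID, secret, resource URL and the `D365_USERNAME`/`D365_PASSWORD` environment variable names are placeholders, and the password grant reads its credentials from the environment rather than from literals in the source.

```python
import os
from urllib.parse import parse_qs, urlencode
from urllib.request import Request

AUTHORITY = "https://login.microsoftonline.com"  # Azure AD sign-in host

def _token_request(tenant, form):
    """Build (not send) the POST to the tenant's v2.0 token endpoint."""
    missing = [k for k, v in form.items() if not v]
    if missing:  # fail early instead of sending a half-filled request
        raise ValueError(f"missing token request fields: {missing}")
    return Request(f"{AUTHORITY}/{tenant}/oauth2/v2.0/token",
                   data=urlencode(form).encode(), method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})

def auth_code_request(tenant, client_id, client_secret, code, redirect_uri, resource):
    """grant_type=authorization_code: `code` is returned after the login popup."""
    return _token_request(tenant, {
        "grant_type": "authorization_code", "client_id": client_id,
        "client_secret": client_secret, "code": code,
        "redirect_uri": redirect_uri, "scope": f"{resource}/.default"})

def password_request(tenant, client_id, resource, env=os.environ):
    """grant_type=password: no popup, the user's credentials ride in the call."""
    return _token_request(tenant, {
        "grant_type": "password", "client_id": client_id,
        "username": env.get("D365_USERNAME"),   # hypothetical variable names
        "password": env.get("D365_PASSWORD"),
        "scope": f"{resource}/.default"})

def form_fields(req):
    """Decode the urlencoded body back into a dict for inspection."""
    return {k: v[0] for k, v in parse_qs(req.data.decode()).items()}

if __name__ == "__main__":
    # Constructed placeholder values; none refer to a real tenant or app.
    res = "https://example.operations.dynamics.com"
    demo_env = {"D365_USERNAME": "user@example.com", "D365_PASSWORD": "not-a-real-pw"}
    for req in (auth_code_request("example-tenant", "app-id", "app-secret",
                                  "code-from-login", "https://localhost/cb", res),
                password_request("example-tenant", "app-id", res, demo_env)):
        fields = form_fields(req)
        fields = {k: "***" if k in ("password", "client_secret", "code") else v
                  for k, v in fields.items()}
        print(req.full_url, fields)
```

In both cases the user name that ends up in the token is what D365 FinOps checks against its own user list and security roles.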
Now let us try, shall we?
The summary for the tutorial (will update in the next blog post):
1. Setup Apps Registrations in Azure AD and Setup in D365 FinOps
2. Generate OAuth2 Token using grant_type Authorization Code
3. Generate OAuth2 Token using grant_type Password Credentials
4. Testing OAuth2 Token to call OData Services
5. Create Simple D365 FinOps custom services
6. Testing OAuth2 Token to call D365 FinOps custom services.