11- Microsoft single sign on

Technical configuration

11- Microsoft single sign on

This article describes the Microsfot login setup for Soletechs Dynamics ESS 365 application.

Register an Application

  • Open Microsoft Azure
  • Click on Azure Active Directory
  • Click on App registrations
  • Click on New registration
  • For Name, enter Dynamics ESS 365
  • For Support type, select Accounts in this organizational directory only (your tenant name only – Single tenant)

You can choose different support type based on your company policy, some company allows 2 different tenants to access the directory)

  • Click on Register
  • Click on Overview

  • Copy the Application (client) ID
  • Copy the Directory (tenant) ID

Authentication

  • Click on Authentication
  • Under Platform configurations, click on Add a platform

  • Click on iOS/macOS
  • For Bundle ID, enter com.restart.SoleTech.Temp.365
  • Click on Configure
  • Click on Add a platform
  • Click on Android
  • For Package name, enter com.restart.soletechsNew
  • For Signature hash, enter GK7/DHwqwEQ56aVHGqC0xx1zNm8=
  • Click on Configure
  • Click on Android
  • For Package name, enter com.restart.soletechsNew
  • For Signature hash, enter ghL3lqZDJnRku84CYbZ35Gdc6rc=
  • Click on Configure
  • Click on Android
  • For Package name, enter com.restart.soletechsNew
  • For Signature hash, enter RtP1D65G6egLtYfk+3cPMUZ8wQA=
  • Click on Configure

Expose an API

  • Click on Expose an API
  • Click on Set

  • Click on Save
  • Under Scope defined by this API, click on Add a scope
  • To create a scope that defines read access to the API:
    1. For Scope name, enter tasks.read.
    2. For Admin consent display name, enter Read access to tasks API.
    3. For Admin consent description, enter Allows read access to the tasks API.

  • Click on Add scope

API Permissions

  • Click on API permissions
  • Click on Add a permission

  • Click on My APIs
  • Click on Dynamics ESS 365
  • Under Permission, expand tasks, and then select the scopes tasks.read

  • Click on Add permissions
  • Click on Grant admin consent for <Your Tenant name>
  • Click on Yes

This Grant admin consent for <Your Tenant name> button accessible only for admin user

Click on task.read from Configured Permissions list and then copy the scope full name.

Send the details to Soletechs team

Please send the following information to Soletechs Teams

  • Application (client ID) :
  • Directory (tenant ID) :
  • task.read (Scope full name) :