Performing this task will require the following:
- Portal Owner privileges
- Azure Admin privileges on the tenant
This configuration process is expected to take 15 minutes
These permissions enable customers to assign licenses to their users. When a Global Admin accesses the Manage License page in the portal and grants access, the app will be able to read/write on the customer's tenant, thus enabling them to manage their own licenses.
- Login to Azure Portal using the Global administrator account and click on the 'Azure Active Directory' icon within the Azure Services section. In case you don’t find the 'Azure Active Directory' icon click on More Services.
- Click on ‘App Registrations’ on the left-hand navigation menu and then click the ‘+ New Registration’ button on the right-side pane
- Fill in the App Registration form with the details outlined below:
|Name:||Dynamics 365 Portals Customer (Manage License)|
|Supported Account Types:||Accounts in any organizational directory (Any Azure AD directory Multitenant)|
|Redirect URI:||Select ‘Web’ in the dropdown and enter your Portal base URL appended with ‘/managelicenses’ in the text box|
|E.g.||If your portal URL is https://iotap.microsoftcrmportals.com/ then the URL to be entered would be https://iotap.microsoftcrmportals.com/managelicenses|
- Make sure you have filled all required information and click on the 'Register' button.
- Within the newly created App click on ‘Authentication’ menu on the left-hand side navigation. On the right-hand pane tick the below checkboxes and hit ‘Save’.
- Now Click on ‘API Permissions’ on the left-hand side navigation. Click the ‘Add a Permission’ button on the right-hand pane
In the Window that pops up click on "Microsoft Graph"
In the next Screen chose 'Delegated Permissions'
- In the section below, expand the ‘Directory’ area and select ‘Directory.ReadWrite.All’ and click the ‘Add Permission’ button.
This permission needs Admin consent. If the ‘Grand Admin Consent’ button looks disabled, try refreshing the screen. Once enabled, ensure to hit the ‘Grant admin Consent…’ button.
- To confirm check the ‘Status’ column in the table below which should now display ‘Granted..’
- Click on 'Overview' on the left-hand navigation menu and copy the 'Application (client) ID'
- Go back to your CRM and Click on the 'App' besides Dynamics 365 at the top-left corner
- Click on 'Portal Management'
- On the left-handed menu click on 'Site Settings'
- Create the following record:
|Work365 - Application Id||['Application (Client ID)' from step #12]|
Your Azure AD is now configured to allow your customers to manage their licenses through your Self-Service Portal.
Updated 2 days ago