Configure API Access with Azure AD

Within the Azure AD Tenant, you must create an app registration and bind an application user account to that registered app.

Follow the instructions in the section titled Connect as an app in the following Microsoft guide:

After creating the registration, you will create a client secret under Certificates & Secrets in the app registration. This secret will be leveraged by the integration when you configure the Middleware plugin.

Configure Permissions for the Application Account

Once you have created the app registration, custom security role, and application account, the final step is to give the account the appropriate permissions within Dynamics 365.

  1. Log into the Power Platform Admin Center at
  2. Select your environment.



    Application Account Permissions Settings

  3. Click Settings at the top to view the environment settings menu page.



    Application Account Settings - Users and Permissions

  4. Expand Users + permissions and select Security roles.


  5. From the list of Security Roles, select the role created in the previous section.
  6. Click the Edit link at the top.

    Security Role Permissions

  7. On the Service tab, scroll down to the Case entity and assign the role Read and Append To permissions at Organization level (click multiple times to change to the appropriate level).



    Security Role Permissions - Custom Entities

  8. On the Custom Entities tab, scroll down to the entities that begin with BeyondTrust and assign all permissions at Organization level for these BeyondTrust entity types.


  9. Click Save and Close at the top to save the new permissions.