Skip to content

Setting up App Registration in Azure

The following steps need to be completed to create an App Registration in Document Central. An App Registration is required by Document Central, to be able to use all of the features that are available in Document Central.

Info

To perform this setup, it is necessary for the administrator account to be present in both Business Central and Azure Portal as only administrators have the necessary privileges.

Business Central (SaaS)

An App Registration Wizard is available in Document Central to configure an App Registration in Document Central. The App Registration Wizard will guide you to create a new App Registration for Document Central or using an existing App Registration. The following steps to configure the App Registration in Document Central for Business Central in SaaS environment.

  1. Navigate to Document Central - Module Setup.
  2. Click on the Configure App Registration action in the Document Central - Module Setup to proceed.
  3. Click on Begin to start the configuration of the App Registration.
  4. Choose either to Create a new App Registration or to Use an existing App Registration.

Create New App Registration

The following steps will guide you on how to create a new App Registration for Document Central through the App Registration Wizard.

  1. If a pop-up to sign in appears, make sure to sign in with an administrator account in both Document Central and Azure to continue with the creation of the App Registration.
  2. Enter a name for the App Registration in the App Registration Name field.
  3. Clicking on Next will start the creation process of the App Registration in Azure. This process will create all the necessary permissions and credentials to be used by Document Central.
  4. A pop-up will appear to create a new user in the Azure Active Directory Application. CLick on Yes to continue with the creation of the App Registration.
  5. You will be navigated to the Azure Active Directory Application page where you can click on the Grant Consent action button to provide administrator consent and permissions in Azure. If a pop-up appears. Make sure to sign in with an administrator account in both Document Central and Azure.
  6. Close the Azure Active Directory Application page, and the App Registration Wizard will be automatically navigated to the next step.
  7. The Client Secret of the App Registration will be shown only once. Please take a note of the Client Secret. You will not be able to go back to this step once you click on Next.
  8. Click on Next to continue.
  9. The configuration of the App Registration is now complete. Click on Finish to close the App Registration Wizard.

Use Existing App Registration

The following steps will guide you on how to use an existing App Registration for Document Central through the App Registration Wizard.

  1. If a pop-up to sign in appears, make sure to sign in with an administrator account in both Document Central and Azure to continue with the creation of the App Registration.
  2. Enter the App Registration Name of the App Registration you want to use in the App Registration Name field or use the lookup function to look for all existing App Registrations in your Azure tenant.

Using the lookup to enter the App Registration data automatically

  1. Choose an App Registration via the lookup, the wizard will automatically fill all of the necessary fields in the App Registration Wizard, except for the Client Secret.
  2. Enter the Client Secret of the selected App Registration in the Client Secret field. If the Client Secret is correct, the Next button will be enabled to proceed with the configuration of the App Registration.

Entering the App Registration data manually

  1. Enter the App Registration Name of the App Registration you want to use in the App Registration Name field.
  2. Enter the Application (client) ID of the App Registration you want to use in the Client ID field.
  3. Enter the Client Secret of the App Registration you want to use in the Client Secret field.
  4. Enter the Directory (tenant) ID of the App Registration you want to use in the Tenant ID field.
  5. Enter the Redirect URL of the App Registration you want to use in the Redirect URL field. In SaaS environment, the Redirect URL should be https://businesscentral.dynamics.com/OAuthLanding.htm.
  6. Enter the Service Principal ID of the App Registration you want to use in the Service Principal ID field.
  7. Click on Next to proceed with the configuration. If the Next button is disabled, make sure that all of the fields are filled in correctly.

Info

To get the Service Principal ID the following steps can be followed :

  1. In the Azure Portal, navigate to Enterprise applications.
  2. Change the filter to Application type == All Applications.
  3. Search for the App Registration you want to use.
  4. Click on the App Registration to open the App Registration page.
  5. Copy the Object ID from the Overview page. The Object ID is the Service Principal ID.

You can configure an App Registration in Document Central without granting admin consent. This option is intended for customers who prefer not to provide consent to our application.

  1. Navigate to Document Central – Module Setup.
  2. Click on Configure App Registration and select Manual App Registration.

  3. Enter the following information:

  4. App Registration Name

  5. Application (client) ID
  6. Client Secret
  7. Directory (tenant) ID
  8. Redirect URL (In SaaS environment: https://businesscentral.dynamics.com/OAuthLanding.htm)
  9. Service Principal ID
  10. Click Next to proceed.

Info

To get the Service Principal ID, follow the steps from the section Use Existing App Registration → Entering the App Registration data manually. Since no admin consent is given, make sure to manually review the configured permissions of the App Registration in Azure to ensure all required permissions are set correctly.

(Optional) In the next step, you can upload a certificate for authentication to SharePoint instead of using user impersonation. This step is optional and can be skipped.

Certificate

Document Central has the possibility to authenticate to SharePoint, by allowing the App Registration to use a certificate to authenticate to Sharepoint. If the selected App Registration does not have a certificate configured in Azure, a page will be shown to ask if you want to create a certificate for the selected App Registration. This is an optional step, and can be skipped by clicking on Next, however Document Central cannot authenticate to SharePoint with an App Context without a certificate.

By using a certificate, Document Central can work with the SharePoint without the need to impersonate the user. This also avoids the problem of the token expiring, which can happen when working with a user context.

To create a certificate for the selected App Registration, the following steps can be done :

  1. Turn on the Create a new certificate to create a certificate for the selected App Registration. By turning this option on, a certificate for Document Central will be created in this App Registration at the end of the configuration.
  2. Click on Next to proceed with the configuration.

Warning

Existing App Registration will be overwritten upon finishing the App Registration Wizard.

Renewing an App Registration credentials

The Client Secret and Certificate credentials have an expiration date. The credentials can be renewed without the need for the administrator to go to the Azure Portal by using the action Renew Secret/Certificate. The following steps describe how to renew the credentials of an App Registration:

  1. Navigate to the Document Central - Module Setup.
  2. Click on Renew Secret/Certificate to start the renewal process.

  3. Choose between:

  4. Automatic renewal – generates and applies a new Client Secret automatically via API calls.

  5. Manual renewal – opens a field where the administrator can enter a new Client Secret that was previously created in the Azure Portal. This option is intended for App Registrations that were manually added and do not support automatic renewal.
  6. If manual renewal is selected, enter the newly created Client Secret and confirm. Additionally, enter the expiration date of the secret in the End Date field, as the system cannot automatically retrieve this information for manually entered secrets. The value will then be set and stored directly in the system.
  7. Once the renewal process is finished, a message will be shown to inform the user that the renewal was successful, and the new Client Secret will be shown once. An administrator can take note of the new Client Secret for future use.
  8. Click OK to close the message, and the updated Client Secret and Certificate will be used by Document Central automatically.

Info

The new Client Secret and Certificate will be automatically applied to the other companies in Business Central, when the company shares the same App Registration data.

See also