Sign Up for Training |
insightsoftware Company Site
Home ▾

Getting Started

Report Design

Scheduling & Distribution

Jet Budgets

Jet Data Manager

Configuration

Installation

Troubleshooting

Release Notes

Community
Downloads
Training
Submit a Request
Become a Jet Insider
Give Feedback

Configure Office 365 Authentication for Dynamics NAV or Business Central On Premises


This article applies to using the Jet Reports Excel Add-in (2017 or higher) with Dynamics NAV 2015 - 2018 or Business Central On Premises

Overview

The purpose of this guide is to outline the procedures necessary in order to configure the Jet Excel add-in to use Office 365 credentials for authentication to a Dynamics NAV 2015 - 2018 or Business Central On Premises using OAuth.

Once an instance of Dynamics NAV or Business Central has been configured for Office 365 single sign-on, there are only a few small steps required to use the same Office 365 credentials for authentication using the Jet Excel add-in.

Note - This authentication method does not currently support Multi Factor Authentication.

Prerequisites

The configuration instructions assume that these changes have already been made successfully:

  1. The Dynamics NAV or Business Central On Premises environment has already been configured for users to authenticate with Azure Active Directory. This is explained in the following document for Dynamics NAV https://docs.microsoft.com/en-us/dynamics-nav/authenticating-users-with-azure-active-directory or the following document for Business Central On Premises https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/authenticating-users-with-azure-active-directory

  2. Enable SOAP Services in the Dynamics NAV Server or Business Central On Premises Server Instance. This is explained in the following document for Dynamics NAV https://docs.microsoft.com/en-us/dynamics-nav/configuring-microsoft-dynamics-nav-server#SOAPServices or the following document for Business Central On Premises https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/configure-server-instance#SOAPServices 

  3. The registered Dynamics NAV or Business Central application must have a custom scope defined in the Expose an API section of the App Registration in the Azure portal. An example scope name for this is user_impersonation.

    add_scope.png

  4. A Dynamics NAV 2013 - 2018 (Web Services) or Dynamics 365 Business Central (Web Services) On Premises data source has already been created.

Configuration

There are four steps are required in order to fully complete the Office 365 authentication configuration.

  • Get the Server Application URI
  • Configure the Server Application ID in the Microsoft Dynamics NAV or Business Central Instance Settings
  • Register the Jet Excel add-in as a client application in Azure Active Directory
  • Configure the Data Source in the Jet Excel Add-In

Get the Server Application URI

  1. Go to https://portal.azure.com and sign in with the credentials for your Azure subscription.

  2. Click Azure Active Directory and select the same Azure AD in which you registered the NAV or Business Central application.

  3. Click App Registrations and then click on the application that represents the Dynamics NAV or Business Central installation (configured during step 1 of the prerequisites above)

  4. Click Expose an API and take note of the Application ID URI. This will be referred to as the Server Application URI.  If one is not set, please select 'Set' to get the URI.

    expose_api.png
    copy_URI.png

Configure the Server Application ID in the Microsoft Dynamics NAV or Business Central Instance Settings

  1. Open the Dynamics NAV Administration or Business Central Administration console and select the instance for configuration in the left pane.  Note that the instance should already be configured with AccessControlService or NAVUserPassword as the credential type as configured during step 1 of the prerequisites above.  Click Edit

    nav_admin_edit.png

  2. Insert the Server Application URI noted in the previous section into the Azure Active Directory App ID URI setting.  This can be found in the Azure Active Directory (Azure AD) pane of the Administration console.  Click Save

    add_URI_save.png

  3. The instance will need to be restarted for the new setting to take effect.

    restart.png

Register the Jet Excel add-in as a client application in Azure Active Directory

  1. Go to http://portal.azure.com and sign in with the credentials for your Azure subscription.

  2. Click Azure Active Directory and select the same Active Directory in which you registered the NAV or Business Central application.

  3. Click App registrations and then click + Add at the top of the page.

    aad_app_registration.png

  4. Enter the name of the application, for example as Jet Reports, and press Register.

    register_new_app.png

  5. On the Overview page, select Expose an API and choose Set on the following page.  Click Save.

    jr_set_URI.png
    uri_save.png

  6. Select API permissions.  Click Add a permission and select My APIs at the top of the window.  Choose the NAV or Business Central application (for which the scope was exposed during Step 3 of the prerequisites), tick the permission and Click on Add permissions.

    add_api_perm.png
    my_api.png
    add_perm.png

  7. With the permission added, now select Grant admin consent for the domain and the status will be updated accordingly.

    grant_admin.png

  8. On the Overview page, Click on Authentication.  Under Allow public client flows choose Yes. Click Save.

    auth_allow_pub_client_flow.png
     Note that you will need to add a Redirect URI if enabling it for Multi-Factor Authentication.

  9. Take note of the Application (client) ID and the Application ID URI from the Overview page.  You will use them in the next section when configuring the Jet Excel add-in.

    step_9.png

Configure the Data Source in the Jet Excel Add-In

  1. Open Microsoft Excel and click on the Jet ribbon.

  2. Select Data Source Settings from the Settings are of the Jet ribbon and choose the Dynamics NAV 2013 - 2018 (Web Service) or Dynamics 365 Business Central (Web Services) On Premises data source that has already been configured. 

    data_source_transition.png

  3. Click the Authentication tab on the left side and change the drop-down to Office 365 authentication.

    select_o365.png

  4. Provide the appropriate settings as described below:

      • Azure Active Directory Tenant
        This value is the identifier of the Azure Active Directory tenant.  This can either be referenced by identifier (GUID) or domain.  All Active Directory tenants are given a default domain of “DOMAIN.ONMICROSOFT.COM”.  Any of these values can be used here.
      • Client application ID
        The client application ID is a value assigned to the registered client application when it is configured in Azure. This should be in a GUID format.
        (00000000-0000-0000-0000-000000000000).
      • Client application URI
        This is the Application ID URI for the registered Jet Reports client application in Azure AD.  It should be entered in a valid URI format ("api://UriHere").
      • Server application URI
        This value represents the Dynamics NAV or Business Central installation that was registered within Azure Active Directory.  Usually, this URI is the address of the Dynamics NAV Web Client. Within Azure, this value is called the Application ID URI.
    settings.png

  5. Enter the valid Office 365 credentials.  These credentials must match those that have been configured within Dynamics NAV or Business Central On premises during the prerequisite steps.

    creds.png

  6. Once the credentials are accepted, the window will close automatically.

  7. Click Test Connection in the Data Source Settings window ribbon to verify that the credentials supplied can successfully access the data source. 

    success.png

Enabling Multi-Factor Authentication 

  1. Under the Authentication tab of the client application, please select Add a platform

    add_redirect_URI_1.png

  2. Select Mobile and desktop application

    add_redirect_URI_2.png

  3. From there, please select https://login.live.com/oauth20_desktop.srf (LiveSDK). Select Save

    add_redirect_URI_3.png

  4. With that URL selected, select Save

    add_redirect_URI_4.png

Updated : insightsoftware support
Was this article helpful?
0 out of 2 found this helpful

Comments