Overview
If your organization is enforcing Multi-Factor authentication to log into your Dynamics 365 Business Central Cloud Web Services data source and you are planning on using the Jet Hub, then you’ll need to setup an additional Azure App Registration.
This guide is intended for users with administrator access to their Azure portal.
This functionality does not require additional or premium licensing on the part of Azure Active Directory.
Note: This step is not required for running reports in the Jet Excel Add-in as MFA is natively supported in that configuration. This is required for users who will use the Hub and not the Excel Add-in.
Register your App
-
Log in to your Azure portal (portal.azure.com)
-
Navigate to your Azure Active Directory
-
Click on App registrations
-
Click on +New registration to register a new app
- Give your App a recognizable name.
- Under Supported Account Types, select Accounts in any organization directory (Any Azure AD directory - Multitenant)
- Under Redirect URI (optional), select the type of Web and enter your Jet Hub URL followed by "/DataSources/Authorize"
This entry must start with https:// and contain the base URL that your users will use to sign in to your Jet Hub. The URL could contain the machine name to which you will install Jet Hub or the DNS entry for this site. Examples are:
https://myservername.mydomain.com/DataSources/Authorize
https://dnsname.mydomain.com/DataSources/Authorize
Copy your entered Jet Hub Redirect URL value and paste into Notepad (or other text editor) for saving. This will be used in a future step. - Click Register
-
Configure your App
Now that your app is registered, there are additional settings that are needed.
-
Navigate to the Authentication page
-
Check the box for ID tokens, then click Save
-
-
On the Certificates & secrets tab, click +New client secret to set up your Client Secret
- Give your client secret a description, select when it expires, then click 'Add'.
Never is recommended for the Jet app expire option.
Copy the generated secret value and paste into Notepad (or other text editor) for saving.
This will be your only chance to copy it, and it will be required information during the install of Jet Products. If you forget to copy it, you can just create another secret.
- Give your client secret a description, select when it expires, then click 'Add'.
-
Navigate to the API permissions tab, click +Add a permission, and click on Dynamics 365 Business Central.
- Select Dynamics 365 Business Central
- Select Delegated permissions
- Check the user_impersonation checkbox
- Click Add Permissions
-
From the API Permissions page, click on the Grant admin consent for <DomainName> button. Then, click Yes in the confirmation dialog.
-
Go to the Overview page and copy the Application (Client) ID and the Directory (tenant) ID and paste them into Notepad (or other text editor) for saving. This will be used in a future step.
Open Jet Hub settings with an administrator account
-
Navigate to the BC Cloud MFA page
- Enter your Application (client) ID into the Client Id text box.
- Enter your Directory (tenant) ID into the Tenant Id text box.
- Enter your Redirect URI into the Jet hub redirect Url text box.
- Enter your Client Secret into the secret text box.
- Click Save.
-
Navigate to the reports screen and try running a report that is using a Business Central Cloud Web Services data source.
- Log in to your Jet Hub
- Run or upload a report using a Business Central Cloud Web Services data source
- Click the Sign in with Microsoft button
- A new tab will open which will allow you to sign in using Microsoft's authentication. After completion, the tab will close.
- You're now using your Multi-factor enabled account within the Jet Hub.
- Run or upload a report using a Business Central Cloud Web services data source to verify that your data source has been setup correctly.
Comments