Connecting to Dynamics 365 via OAuth using a Custom Azure App and the Authorization Code Flow

The following documentation relates to version 3.0.2076 and above.

You can create your own custom Azure Application to allow Data Sync to connect to your Dynamics 365 site using OAuth. The following documentation will explain the process you need to follow to create your own Azure app and use the authorization_code flow with a user identity. If you want to use the client_credentials flow, please see our documentation here.

Create the Application

Login to your Azure Portal and navigate to Azure AD > App Registrations > New Registration to create your application.

Enter in a name for your application and select the account type you want to use, as we want to keep this private and only need access to those within our organization so we have selected Accounts in this organizational directory only.

Enter http://localhost as the redirect URI and then click onto Register to create the app. You'll now be given an overview of your app credentials (Client ID and Tenant ID). Make a note of these as you will need them to connect in Data Sync.

App Registration

Something to consider: If you make this a public app you will not need to generate and enter a client secret. If you choose this then please skip the add a client secret step and leave this field blank in Data Sync

Set Permissions

We now need to set the permissions for the app. To do this go to API permissions > Add a permission > Dynamics CRM > Delegated permissions and then select user_impersonation. This allows you to read and write to your Dynamics entities. Click Add Permission to add it to the list.

Set Permissions

Add a Client Secret

Now you need to create a client secret. To do this go to Certificates & Secrets and click onto New client secret. Type in a description and set an expiry for the secret. Once you are done click Add.

New Client Secret

You now need to copy the client secret value to use in Data Sync later on. Please make a note of this value as you will not be able to view it again. If you loose it you will need to create a new client secret.

Copy Client Secret

Get the Endpoint URLs

You need to gather the endpoint URLs so then you can connect in Data Sync. To do this click onto Overview > EndPoints and then copy the OAuth 2.0 authorization endpoint (v2) and OAuth 2.0 token endpoint (v2).


Now open Data Sync to connect.

Connect in Data Sync

In Data Sync open the connection window and select Microsoft Dynamics and then the Microsoft Dynamics 365 provider.

Enter in the URL to your Dynamics site into the URL field. Data Sync will automatically format your URL to the Organisation Service SOAP\WCF service endpoint. You can just copy and paste the URL from your site into the field, e.g. https://<domain>

Make sure that the Authentication Method is set to Custom OAuth Application and enter in your ClientID, ClientSecret, AuthorisationURL and TokenURL. You also need to ensure that GrantType is set to authorization_code and the RedirectURL is http://localhost.

Then click the Authorize Connection button to authorise the connection to Dynamics.

Dynamics 365 Connection

This will open up a window stating Waiting for OAuth Authorization Code and your default browser to enable you to authorise the request.

Waiting Window

Sign in to your Microsoft account and then click Accept to accept the permissions.

Permissions Requested

You can now go back to Data Sync and select the entity you want to connect to from the dropdown list. Then click on to Connect & Create Library Connection to save the connection to your local connection library.

Select Entity

You can re-use the connection to your Dynamics site from the Connection Tree whenever you are creating projects or adding lookups. You can also preview the data before selecting it as your source or target.

Please note that you only need to save the connection to your site once, you will be able to access all of your entities within that site from the connection library.

Connection Tree