This document guides you through the workflow on adding the TimeLog PSA app in your Azure Active
Directory and creating the TimeLog integration credentials.
Prerequisites:
- Installed MSAL.PS Powershell module.
- User access need to be Global Administrator or Privileged Role Administrator
This workflow description is based on Microsoft Quickstart: Register an application with the Microsoft
identity platform
Azure AD Application registration
Sign into azure portal (https://portal.azure.com) and search on 'App Registrations'.
Register and application
Click '+ New registration'. Provide a 'Name' for application, set 'Supported account types' to "Accounts in
this organizational directory only".
In Redirect URI you select Web and add the URL for your Business Central on-premises browser client and
click 'Register' button to add the TimeLog integration application
API permissions
Setup API permissions for the newly created application, go to 'API permissions' and click Add an
application:
In order to acquire tokens as application (used for automation APIs), click: 'Dynamics 365 Business Central'
- 'Application permissions' and mark “app_access” and “API.ReadWrite.All”
Click Add permission
Grand admin consent confirmation
After permissions are added, click 'Grant admin consent for ...'.
Click Yes button to grant consent for the requested permissions.
Status in the table of permissions should change to 'Granted'
Certificates and secrets
Setup client secret (used in authorization code flow scenario and application scenario):
Go to 'Certificates & secrets' - 'Client secrets', click '+ New client secret
Add some Description, choose 'Expires' setting to 24 months and click 'Add'
After secret is created, copy secret 'Value' and save for later when setting up the TimeLog to BC integration.
Copy the Client secret of the registered application. You will need this later when setting up the TimeLog to BC Integration.
Copy client ID
Select Overview
Copy the Application (client) ID from the App registrations – Overview. You will need it when adding the
new client into your Business Central Azure Active Directory Applications.
Copy the Application (client) ID of the registered application. You will need in the Business Central Azure
AD application setup.
Setup of Azure Active Directory Application in Business Central
Complete these steps to set up the Azure AD application for service-to-service authentication in Business
Central.
In your Business Central client, search for Azure Active Directory Applications
Click New,
Past the copied Application (client) ID into Client ID, add a description name and change State to Enable
and click Yes to the new created user
Add the User Group D365 BASIC ISV
and User Permission Sets D365 BASIC ISV, SCBTIMELOGPSACORESET, SCBTIMELOGPSADKSET
The TimeLog PSA-app is now added in your Business Central and you are now ready to setup the
integration connection in your TimeLog installation.
TimeLog – BC integration connection configuration
Add the Business central integration in TimeLog system administration >> Integrations and API >>
Integrations and click Configure Business Central.
Select Business Central Cloud in Deployment version
Add the tenant ID and credentials into the related fields in the user interface
When you have added the credentials information in the four fields are you to click Connect to establish
the connection to your Business Central.
The Tenant ID is found in your BC installation via Assisted setup
Click on Setup TimeLog PSA and click slider next to Existing User, and click Next:
Copy the Tenant ID key and past it into the Tenant ID field in your TimeLog BC integration. Copy the Environment name key and past it into the Environment field in your TimeLog BC integration. Click Next and Finish on the next window to close the TimeLog PSA configuration.
The Client ID and Client secret is found in https://portal.azure.com/#home >> App registrations >>
Your TimeLog PSA app-name >> Overview
Comments
0 comments
Please sign in to leave a comment.