Web application registration

Before you set up the Azure mobile site for the Mobile Client, you must first make a web application registration. The Azure web application registration ensures that the Mobile Client web app has security permissions to access Dynamics 365 for Finance and Operations.

Some steps regarding creating a web application registration require that you're set up as an 'Azure Global Administrator'.

For more information on how the Mobile Client is integrated with the Azure Active Directory, refer to this article from Microsoft: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app.

  1. Select the link https://portal.azure.com to open Microsoft Azure Dashboard.
  2. Navigate to Azure Active Directory.
  3. Select App registrations, and select the New registration button.
  4. In the Name field, insert the name of your Mobile Client. Examples: "Mobile AM Prod" and "Mobile AM Test-01".
  5. Select "Single-page application (SPA)" in the drop-down.
    1. This URL must be exactly the same as used when setting up the Azure Mobile Site, which is described in the article Add the Azure app. The sign-on URL must contain the complete URL to the mobile client main site, for example: "https://example.azurewebsites.com/index.html".
  6. Select Register and wait for the resource to deploy.
  7. Navigate to App registrations settings.
  8. Select API permissions from the settings menu.
    1. Select Add a permission > Dynamics ERP.
    2. Select Application permissions.
    3. Select one permission: Connector.FullAccess.
    4. Select Add permission.
    5. Select Add a permission > Microsoft Dynamics ERP.
    6. Select Delegated permissions.
    7. Select two permissions: AX.FullAccess and CustomService.FullAccess.
    8. In API permissions > Grant consent, select Grant admin consent for... and select "Yes" on pop-up screen. This step requires that you have the role 'Azure Global Administrator'.
  9. Ensure that the redirect URIs correspond with the App site URL and any virtual applications that was configured in earlier steps (refer to the article Add the Azure app).
    1. Verify that you use the "Single-page application" platform.
    2. In the Implicit grant section, ensure that there are no check marks in the Access tokens and ID tokens check boxes.
    3. If you're upgrading, select Manifest and ensure that oauth2AllowIdTokenImpliciFlow and oauth2AllowImplicitFlow are set to "False".
  10. Select Overview from the settings menu.
    1. Find and copy the Application (client) ID for your mobile client application. You'll use this Application ID to set up the Azure mobile site, described in the article Add the Azure app.

Step 5: Select "SPA" in drop-down.
Step 8.a: Select "Dynamics ERP" permission.
Step 8.c: Select "Connector.FullAccess" permission.
Step 8.g: Select two permissions.
Step 9: Check redirect URIs.
Step 9.a: Verify "Single-page application" platform.