We will be discussing the following scenario:
- User is going to sign-in or authenticate through Single Sign on (SSO) using the Microsoft organization account.
- Once authenticated by the Microsoft Identity Management (Azure AD in our case) the web app is going to call the Dataverse Web API to display records from the Accounts table.
In this blog post we will be using the following technology stack:
- Angular as a SPA framework.
- Microsoft Authentication Library (MSAL) to authenticate the user’s identity and generate the access token from the Microsoft cloud. You can read more information about MSAL from https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-overview
For simplicity we assume the following:
- You already have an access to the Azure portal which can be accessed from https://portal.azure.com/.
- You already have a Dataverse setup and a database has been initialized.
- You are familiar with Node Package Manager (NPM) CLI. NodeJS and NPM can be downloaded and installed from https://nodejs.org/en/download/.
- You are also familiar with Angular and its associated concepts like components, templates and dependency injections in particular. You can find more information about Angular by visiting https://angular.io/.
Installation of NodeJS and Angular is also out of scope of this blog post.
The first step which we need to take is the app registration in the Microsoft Azure. Once the app (Angular SPA in our case) is registered within the Azure then the app can participate in Single Sign on (SSO) using the Microsoft accounts. In the section below we are going to discuss step-by-step with screen shots how the app can be registered within Azure.
App Registration in Microsoft Azure
- In your browser login to the Azure admin portal https://portal.azure.com/. Once signed in successfully it is going to look like below:
2. From the Azure postal click on the App registrations and then click on the New registration as shown below:
3. On the new app registration form enter any name you like. Also, on the same form under the redirect URL, select Single Page Application (SPA) in the drop-down and enter the redirect URL. Since, we will be using and by default Angular works on port 4200 that’s why we have mentioned http://localhost:4200 as a redirect URL. This is the same URL to which Microsoft Azure will be redirected upon the successful user authentication.
And then click on Register button to complete the registration process.
- Copy the application id and store it somewhere like in a Notepad for later use.
- Click on API permissions on the left hand menu and then click on the Add permission button as shown below:
- On the Add permission form search for Microsoft Dynamics CRM in the application list and click on it.
- On the Dynamics CRM application form, please make sure that Delegated permissions is selected and then select user_impersonation from the permissions list and then click Add permissions button.
This completes the registration and the configuration of the app registration in Microsoft Azure. Now, you have to complete one additional step on Azure portal – make a note of the tenant id and copy it somewhere like Notepad. If you have multiple Azure subscriptions then you need to ensure you have already selected the correct subscription from the list. Then click on the tenant properties and copy the tenant id for later use.
This completes the first part of the two parts blog series. In our next blog post same day next week, we are going to discuss how an Angular app can connect to the Dataverse to consume the data.
About Impulz Technologies LLC
Impulz Technologies, is a Silver Certified Microsoft Partner company. We specialize in the implementation, consulting and development of Microsoft Dynamics and Microsoft Power Platform. Impulz Technologies also provide staff augmentation services all across the US. For more information please contact us at 630-540-6302 or email us at firstname.lastname@example.org