Create a service principal with Power Platform CLI
Create a service principal with Power Platform CLI
Introduction
To perform an integration with Dynamics 365 you typically need to set up a service principal in Azure.
To achieve this goal you must complete several steps:
- Create an Azure App Registration
- Create a secret for that App Registration
- Set up API permissions for Dynamics 365
- Create an Application User in the Power Platform Admin Center
- Assign permissions to the Application User
A tutorial to perform those actions : https://dynamics-chronicles.com/article/step-step-connect-d365-clientsecret-use-apis
All these manual steps take time. But you can perform them with a Powershell command (pac admin create-service-principal).
Create your service principal
First you have to install Power Platform CLI on your machine.
Power Platform CLI is a command-line interface used to perform various operations in the Power Platform related to environment lifecycle, authentication, and work with Dataverse environments, solution packages, portals, code components.
You can download the MSI file here : https://aka.ms/PowerAppsCLI
Power Platform CLI reference guide : https://learn.microsoft.com/en-us/power-platform/developer/cli/reference/tool
After installing Power Platform CLI open a Powershell command prompt and type the command pac to check that the installation was successful.
Then type the following command to update to the latest version.
pac install latest
Next step is to connect to your Dataverse environment with an authentication profile.
To get a list of all authentication profiles type the following command :
pac auth list
As you can see I have no authentication profile installed.
To create a profile type the following command:
pac auth create -env
You will be asked to provide your credentials. Below the result :
The last step is to use the command below :
pac admin create-service-principal --environment
Now you can check the result in your Azure Portal.
As you can see below a new App Registration has been created.
A secret with one year validity has been created for the App Registration.
And correct permissions have also be added.
You can see your new application user in the Power Platform Admin Center.
The application user has the security role 'System administrator'.
It is the default security role when you use the command pac admin create-service-principal.
If you want to associate another security role you have to use the option --role.
pac admin create-service-principal --environment --role
Where
Below the command to create a service principal with security role 'Sales Manager' assigned to the application user.
Create a service principal with Power Platform CLI
Published on:
Learn moreRelated posts
Power Platform & M365 Dev Community Call – July 4th, 2024 – Screenshot Summary
Call Highlights SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos Issues...
Community Event in Faisalabad: App Development with Power Platform🚀
On June 29, 2024, I had an awesome time hosting two sessions at Birdview Logic Business Hub in Faisalabad on “App Development with Power...
Power Platform – Storage Shared Access Signature security enhancements announcement
Microsoft has announced the public preview of security enhancements for Storage Shared Access Signature (SAS) for the Power Platform, which wi...
YAML Essentials for the Power Platform
Automating Customer Enquiry Handling with Dynamics 365 and Power Platform Connectors in Copilot Studio
In today’s digital age, providing a seamless and efficient way for customers to submit enquiries or complaints via a company’s website is esse...
Microsoft 365 & Power Platform Call (Microsoft Speakers) – June 25th, 2024 – Screenshot Summary
Call Highlights SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos Issues...
Recognition of Power Platform competence
Our expertise has been recognized once more, and we have achieved the Solutions Partner status for Microsoft Business Applications again this ...