Add OAuth Application and DMS Credentials

This section describes how to add OAuth 2.0 application and create DMS Credentials.

OAuth 2.0 Application Card

OAuth 2.0 Authorizations are configured in the DMS OAuth 2.0 Application Card page. Choose the Lightbulb that opens the Tell Me feature icon, enter DMS OAuth 2.0 Application, and then choose the related link.

oauth-application-card

Specific Fields on the General FastTab

Code: Defines a unique identifier for the OAuth Authorization; maximum of 20 characters.

Specific Fields on the Authorization FastTab

The Grant Type field specifies the used grant type for the OAuth Authorization. The options are:

Authorization Code - Used to obtain an access token on behalf of a user through a multi-step authentication process involving redirection and token exchange.
Client Credentials - Is used by clients to obtain an access token outside of the context of a user.

Credentials

Client ID: Specifies the Application (client) ID of the registered Microsoft Entra ID application.
Client Secret Value: Specifies the client secret value of the registered Microsoft Entra ID application.

Parameters

Scope: Add permissions to access SharePoint
Resource: Defines the tenant’s SharePoint URL, for example https://mytenant.sharepoint.com.
Redirect URL: Specifies the reply URL where the Microsoft identity platform sends security tokens after authentication.

Specific Fields on the Endpoints FastTab

Authorization URL: Defines the /authorize endpoint of the client request.
Access Token URL: Defines the /token endpoint of the client request.

In the Azure portal, in App registrations, select your application. On the app registration's Overview pane, select Endpoints and then copy the strings for OAuth 2.0 authorization endpoint (v1) and OAuth 2.0 token endpoint (v1).

To add OAuth 2.0 application information in Microsoft Dynamics 365 Business Central

Based on the selection of the Grant Type field, the fields to be completed on the DMS OAuth Application Card page are described in the following list.

Authorization Code Grant Type
Client Credentials Grant Type

oauth-application-card2

Code: Enter a unique identifier for the application; maximum of 20 characters.
Grant Type: Select the option Authorization Code.
Client ID: Enter the Application (client) ID of the registered Microsoft Entra ID application, see Register an Application.
Client Secret Value: Enter the client secret value of the registered Microsoft Entra ID application, see Add a Client Secret.
Scope: Enter the scope of the registered Microsoft Entra ID application, see Add permissions to access SharePoint.
Resource: Enter the tenant’s SharePoint URL. Use the string format https://<Your Domain>.sharepoint.com/.
Redirect URI: Enter the reply URL of the registered Microsoft Entra ID application, see Add a Redirect URI.
Authorization URL: Enter the endpoint string OAuth 2.0 authorization endpoint (v1) of the registered Microsoft Entra ID application, see Specific Fields on the Endpoints FastTab.
Access Token URL: Enter the endpoint string OAuth 2.0 token endpoint (v1) of the registered Microsoft Entra ID application, see Specific Fields on the Endpoints FastTab.

oauth-application-card2

Code: Enter a unique identifier for the application; maximum of 20 characters.
Grant Type: Select the grant type Client Credentials.
Client ID: Enter the Application (client) ID and the Directory (tenant) ID of the registered Microsoft Entra ID application, see Register an Application. Use the string format <Client ID>@<Tenant ID>.
Client Secret Value: Enter the client secret value of the registered Microsoft Entra ID application, see Add a Client Secret.
Scope: Enter the scope of the registered Microsoft Entra ID application, see Add permissions to access SharePoint.
Resource: Enter the tenant’s SharePoint URL. Use the string format 00000003-0000-0ff1-ce00-000000000000/<Your Domain>.sharepoint.com@<Tenant ID>.
Redirect URI: Leave empty.
Authorization URL: Leave empty.
Access Token URL: Enter the Access Token URL of the registered Microsoft Entra ID application. Use the string format https://accounts.accesscontrol.windows.net/<Tenant ID>/tokens/OAuth/2.

Request Access Token

Choose the Request Access Token action to test the authentication. A consent dialog pops up to log in with user credentials. The Status should be Connected.

Optional: Choose the Clear Tokens action to remove the cached tokens. If you don't clear the token, the next authentication attempt will use the refresh token to create a new access token, similar to the Refresh Access Token action.

oauth-application-card-connected

To add credentials in Microsoft Dynamics 365 Business Central

To complete the credentials in COSMO Document Management System, choose the Lightbulb that opens the Tell Me feature icon, enter DMS Credentials, and then choose the related link.

oauth-dms-credentials2

The fields to be completed on the DMS Credentials page are described in the following list.

Code: Defines a unique identifier for the credential; maximum of 20 characters.
Type: Defines the type of authentication. OAuth 2.0 is a registered app inside the Microsoft Entra ID.
Realm (Azure Tenant ID): Leave empty.
Target Host: Leave empty.
App Client ID: Leave empty.
App Client Secret: Leave empty.
OAuth 2.0 Code: Specifies the OAuth 2.0 Authorization Code field used to communicate with SharePoint online, see OAuth 2.0 Application Card.

Feedback

Submit feedback for this page.