Dynamics 365 Business Central and Dataverse integration: it’s time to upgrade your connections

One of the coolest feature in Dynamics 365 Business Central is surely the Dataverse integration, a foundamental building block for integrating the ERP with Dynamics 365 applications and Power Platform.

If you’re using Dataverse with Dynamics 365 Business Central, with the last 18.3 release a new announcement was present in the feature list: Client secret-based service to service authentication deprecation for Microsoft hosted tenants integrating to Dataverse. To ensure no disruptions in integration between Business Central and Dataverse you must upgrade your Business Central connection to Dataverse to certificate-based authentication. Although change will happen in March 2022, we strongly recommend you perform the steps as soon as possible.

What does that mean?

In April, 2022, Dataverse is deprecating the Office365 authentication type (username/password) in order to remove a security protocol (WS-Trust) that is inherently insecure by current encryption standards.

The WS-Trust security protocol, when used in conjunction with a user account and password, implements an authentication flow that presents both the user ID and password to the authenticating resource in a “clear text” form, relying solely on the transport encryption to provide security for the initial step of the authentication, until the token service returns an authentication token to use. Additionally, the WS-Trust protocol does not support modern forms of Multi-Factor Authentication and conditional access controls.

Additionally, in March, 2022, Business Central is deprecating the use of client secret based service-to-service authentication for online tenants and will require the use of certificate-based service-to-service authentication for connections to Dataverse.

What I have to do for this?

Certificate-based authentication is available in Business Central 2021 release wave 1 and later, so please check to have your tenant upgraded to this version (but I think you’re on this situation).

To upgrade the service connection in order to use certificate-based service-to-service authentication for Dataverse is very easy. Open the Dataverse Connection Setup page, choose Connection and then click on Use Certificate Authentication:

You will be prompted to login. Sign in with administrator credentials for Dataverse. When the login is successfully established, a blank page like the following appears for less than a minute. Don’t close this page:

When the service connection upgrade was completed, you will receive a response like the following:

That’s done!

If you’re using integration with Dynamics 365 for Sales, you should do the same process from the Microsoft Dynamics 365 Connection Setup page:

Easy as you can see, but please remember the following things:

  1. You must repeat these steps for each Business Central environment (both production and sandbox environments) and for each company where you have a connection to Dataverse.
  2. The changement is needed only for Microsoft’s online tenants. ISV-hosted online tenants and on-premises installations can continue to use the standard Office365 authentication.

If you’re using Dataverse integration with Dynamics 365 Business Central, no reason to wait… upgrade your service connection.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.