Microsoft Dynamics 365 (CRM)
@omadia/integration-dynamics-crm
Microsoft Dynamics 365 / Dataverse connector for omadia. OAuth2 client-credentials Web API client (read-mostly). Publishes the 'dynamics.client' + 'dynamics.cache' services and contributes the read-only `dynamics_query` tool — accounts, contacts, leads, opportunities and any custom table. Writes (`dynamics_write`) are opt-in.
- latest
- v0.2.1
- license
- MIT
- versions
- 1
- author
- byte5 GmbH
install
In your omadia instance, open Admin → Registries and add this registry, then install Microsoft Dynamics 365 (CRM) from Admin → Plugins → Store.
https://hub.omadia.aisetup guide
Connect Microsoft Dynamics 365 (Dataverse)
This integration talks to the Dataverse Web API using an Azure AD app registration (server-to-server, OAuth2 client-credentials). About 10 minutes in the Azure + Power Platform admin portals. You collect four values — Tenant ID, Client ID, Client Secret, Environment URL — and paste them into the fields below.
1. Register an Azure AD application
- Azure Portal → Microsoft Entra ID → App registrations → New registration. Name it (e.g. "omadia Dynamics") → Register.
- On the Overview page copy the Application (client) ID, then click Endpoints and copy the OAuth 2.0 token endpoint (v2) — that is your Token URL (it embeds the tenant).
- Certificates & secrets → New client secret → set a long expiry (e.g. 24 months) → Add → copy the secret Value immediately (NOT the Secret ID — the value is shown only once).
You do not need to add any API permissions in Azure AD for this. Server-to-server access to Dataverse is granted by the application user + security role in step 2 below, not by Azure AD API permissions.
2. Create the application user in Dynamics
- Power Platform Admin Center → your environment → Settings → Users + permissions → Application users → + New app user.
- + Add an app → pick the app you registered (search by name / client ID) → choose a Business unit.
- Assign a security role with read access (and write, only if you plan to enable writes) on the tables you need. A least-privilege custom role is recommended over a broad built-in role.
3. Find your Environment URL
Power Platform Admin Center →
Environments → your environment → the Environment URL on the
detail page, e.g. https://contoso.crm4.dynamics.com. The crmN segment
encodes your region (e.g. crm4 = Europe, crm = North America).
4. Fill in the fields below
| Field | Value |
|---|---|
| Token URL | OAuth 2.0 token endpoint (v2) — step 1.2 |
| Base URL | Environment URL — step 3 (…/api/data/v9.2 optional) |
| Client ID | Application (client) ID — step 1.2 |
| Client Secret | The secret Value — step 1.3 |
| Scope | Environment URL + /.default |
| Grant type | client_credentials (default) |
Install — the connection is verified in the background with a WhoAmI
call (watch the plugin logs for connected or a WhoAmI failed warning).
Troubleshooting
- 401 / authentication failed — wrong Client Secret (you copied the Secret ID, not the Value), expired secret, or wrong Token URL / Scope.
- 403 / forbidden — the application user has no security role, or the role lacks privilege on that table. Revisit step 2.3.
- Cannot reach the host — your region's
crmNhost may be missing from the network allow-list. Add it topermissions.network.outboundand rebuild.
Least privilege: scope the security role to exactly the tables and verbs you need. Leave Enable writes off unless the assistant should create/update records.
versions
setup fields
Values the operator fills in at install-time.
permissions
memory
reads: [0] · writes: [0]
graph
reads: [0] · writes: [0]
network
outbound: [21]
filesystem
scratch: false