GoodFunds Help Center
Microsoft Dynamics 365 (Developer)

Azure / Entra ID Setup

Register an app in Microsoft Entra ID, grant it access to your Dataverse environment, and collect the four credentials GoodFunds needs.

GoodFunds authenticates as an app registration using the OAuth 2.0 Client Credentials flow (server-to-server). Before you can configure the provider in GoodFunds you need to create that registration in Microsoft Entra ID and authorize it inside Dynamics.

You will end up with four values:

CredentialWhere it comes from
Tenant IDEntra ID → app registration overview
Client IDEntra ID → app registration overview
Client SecretEntra ID → app registration → Certificates & secrets
Environment URLYour Dynamics environment, e.g. https://org123.crm4.dynamics.com

1. Register the application

  1. Open the Microsoft Entra admin center (or Azure Portal → Microsoft Entra ID).
  2. Go to App registrations → New registration.
  3. Give it a name (e.g. GoodFunds CRM Integration).
  4. Leave the redirect URI empty — the Client Credentials flow does not use one.
  5. Register.

On the registration's Overview page, copy:

  • Application (client) ID → this is the Client ID.
  • Directory (tenant) ID → this is the Tenant ID.

2. Create a client secret

  1. In the registration, open Certificates & secrets → New client secret.
  2. Add a description and an expiry.
  3. Copy the secret Value immediately — it is only shown once. This is the Client Secret.

The secret expires. Note the expiry date and rotate it before then, otherwise the sync will start failing with an authentication error.

3. Find your Environment URL

In the Power Platform admin center open your environment. The Environment URL looks like:

https://org123.crm4.dynamics.com

Use the base URL only — no trailing path and no trailing slash.

Watch for stray spaces. A trailing space copied into the Environment URL is the usual cause of the Azure error AADSTS70011 invalid_scope, because the URL flows into the OAuth scope ({environmentUrl}/.default). GoodFunds strips surrounding whitespace and trailing slashes defensively, but it is still best to paste a clean value.

4. Authorize the app inside Dynamics

The app registration must exist as an Application User in the Dynamics environment, otherwise the API rejects it even with a valid token.

  1. In the Power Platform admin center, open your environment → Settings → Users + permissions → Application users.
  2. New app user, pick the app registration you created (by its Client ID).
  3. Assign a security role that allows reading and writing contacts (e.g. a role with create/read/ write/append privileges on the Contact entity).

5. Verify

Once configured in GoodFunds, the Test connection action calls the Dataverse /WhoAmI endpoint. A successful response (returning UserId, BusinessUnitId, OrganizationId) confirms that:

  • the tenant, client id and secret are correct,
  • the environment URL is reachable, and
  • the application user has access.

Continue with Configuration in GoodFunds.

Overview

Connect Microsoft Dynamics 365 as a CRM provider in GoodFunds and sync contacts into your Dataverse environment.

Configuration in GoodFunds

Enter your Dynamics credentials, test the connection, and map GoodFunds fields to Dynamics contact attributes.

On this page

1. Register the application2. Create a client secret3. Find your Environment URL4. Authorize the app inside Dynamics5. Verify