EliteParks - Creating Entra Apps for Integrations

Introduction

This document is a guide for setting up Microsoft Entra App Registrations, which provide authentication for connecting to EliteParks. For example, when your website uses the Booking API for reservations or availability checks, it authenticates with OAuth 2.0 using the Client ID and Client Secret from an Entra App.

Create Azure App

This will be the Azure App which will consume the EliteParks API.

1. Open the Azure Portal Home - Microsoft Azure

2. In the left pane, select Azure Active Directory

3. Under Manage, select App registrations

4. Select New registration

5. Enter the following values:

   1. Name = Elite API ([API Consumer Name])

      1. E.g. Elite API (WebSite)

   2. Support account type = Accounts in this organizational directory only

   3. Redirect Url

      1. Platform = Web

      2. Url = https://businesscentral.dynamics.com/OAuthLanding.htm

6. Select Register

7. From the left pane, Select Overview

8. Save the Application (client) ID value

Assign the Azure API permissions

We need to assign the correct Azure API permissions to the App so it can connect to Business Central.

1. Open the Azure Portal Home - Microsoft Azure

2. In the left pane, select Azure Active Directory

3. Under Manage, select App registrations

4. Select the EliteParks API (API Consumer Name) app

5. In the left pane, select API permissions

6. Select add a permission

7. Select the following permissions

   1. Dynamics 365 Business Central

   2. Application permissions

   3. API.ReadWrite.All

8. Click Add permissions

9. Click Grant admin consent for {tenant name}

10. Click Yes

Create Client Secret

Once the app has been created, proceed with creating a client Secret for the app in Azure.

❕ Important Note

Client secrets do have expiry dates, and the date depends on the length you choose. Microsoft provide predefined lengths for you to choose to assist with this process. You must ensure you keep record of Client Secret expiries, to give you time to generate a new one.

We recommend rotating client secrets every 12 months, by creating a new client secret. This then needs to be added to any application using the current secret.

1. Open the Azure Portal Home - Microsoft Azure

2. In the left pane, select Microsoft Entra ID

3. Under Manage, select the App Registrations

4. Select the newly created App

5. On the left pane under Manage, select Certificates & Secret

6. Select New Client Secret. Enter a Description

7. Click Add. This will then add a new Client Secret

8. A new line will appear, please copy the Value as this is the Client Secret you will be using

Register Azure App in EliteParks

We need to register the App in EliteParks so it can authenticate and Business Central can create associated User record.

1. Open the Business Dynamics 365 Business Central

2. Go to Azure Active Directory Applications

3. Click New

4. Enter the following values:

   1. Client ID = Application (client) ID

   2. Description = {API Consumer Name} API

      1. E.g. WebSite API

      2. This will be the value used to create the User ID

      3. This record is created when the field is validated

   3. State = Enabled

5. Assign EPW API APP  permission for all companies

6. Click action Grant Consent

7. Sign in using our account in the Customers tenant

8. Accept permissions request

9. Note the Access Token Url

Create Azure App User Records in EliteParks

We need to create the user records for the Azure App in in EliteParks.

1. From the Azure Active Directory Applications Card

2. Click Create Default User Records action

This will create records in EliteParks User Setup and depending on what the app will be doing will determine the permissions setup on here.

Permissions

By default the permission set used for Entra Apps is EPW API APP. You can create your own custom app if you want to strip down permissions as this will grant access to everything.