Dynamics 365 Customer Insights
Application permissions (server to server)
The app registration instructions showed how to set up an app that requires a user to login for authentication
This page illustrates how to create an app registration that does not need user interaction and can be run on a server
Add Customer Insights API Permissions
On your App registration, navigate to the API permissions tab
Click Add a permission, select the APIs my organization uses tab in the side-panel, and search for and select Dynamics 365 AI for Customer Insights.
For the permission type, select Application permissions, expand and check the
api.access permission, and click the Add permissions button
Add Customer Insights Azure AD Service Principal
For granting admin consent on this Application permission, there is a prerequisite to add a service principal
First, install the AzureAD PowerShell module:
Install-Module -Name AzureAD -AllowClobber -Scope AllUsers
Next, connect to your Azure Active Directory (AD) account (you can find your Tenant ID under the Overview page on the Azure Active Directory blade)
Connect-AzureAD -TenantId <your tenant id>
Finally run this command to add a Azure AD Service Principal.
AppId parameter in this command pertains to the external Customer Insights API app and should be exactly as shown below.
"38c77d00-5fcb-4cce-9d93-af4738258e3c" -DisplayName "Microsoft Customer Insights"
If you see this error, then your tenant already has the Service Principal added and you can proceed to the next step:
Error occurred while executing NewServicePrincipal
Message: Another object with the same value for property
servicePrincipalNames already exists.
Granting admin consent
Navigate back to your App registration's API permissions page
Click the Grant admin consent for... button
Add App registration to Customer Insights environment Users
Finally, we must add the App registration as a User of the Customer Insights environment.
Navigate to the Permissions page's Users tab and click Add users.
In the search, enter the name of your App registration, select the App registration from the search results, and click Save.
Your app registration is now ready to use
You can use the Application/Client ID for this app registration (on the Overview page) with the Microsoft Authentication Library (MSAL) to obtain a bearer token to send with your request to the API
More information about how to use MSAL can be found here
For information on using the API via the Customer Insights client libraries, check out our instructions here