Generate Microsoft Dynamics OAuth Tokens

To connect Microsoft Dynamics to a Knowledge Hub knowledge base, you must either provide your Microsoft Dynamics credentials to NiCE Professional Services or enter them in Knowledge Hub yourself. This page describes how to generate those credentials, also called OAuth tokens. You should treat the OAuth tokens like passwords. Be sure to store them in a secure location. If you lose them, you'll have to regenerate them.

This method is a developer effort. It requires knowledge of Python and Microsoft Dynamics admin privileges.

Complete each of these tasks in the order given.

Install Python

Complete this task if you don't already have Python installed on your computer.

  1. Install Python Box with arrow indicating navigation to external site..

  2. Run the installer. Select the box for Add python.exe to PATH, then click Install Now.

Register an Application in Microsoft Entra ID

  1. Sign in to the Microsoft Entra admin center.

  2. Browse to Entra ID > App registrations and select New registration.

  3. Enter a name.

  4. Under Supported account types, specify who can use the application. Select the option for Accounts in this organization directory only (Single tenant).

  5. Click Register.

    When finished, you will see the Microsoft Entra Overview page. Record the following:

    • Application (client) ID: This value uniquely identifies your application in the Microsoft cloud ecosystem, across all tenants.

    • Object ID: This value identifies your application in your tenant.

Configure the Application's Platform Settings

Platform settings include redirect URIs, specific authentication settings, or fields specific to the application's platform, for example, web and single-page applications.

  1. While still in the Microsoft Entra admin center, select Manage > Authentication.

  2. Under Platform configurations, click Add a platform.

    • Under Configure platforms, select the tile for your application type (platform) to configure its settings. For example, select Web.

    • Add a Redirect URIs for returning authentication responses. Note this value as you will need it when customizing the Python script.

  3. Click Configure.

Create a Client Secret

  1. While still in the Microsoft Entra admin center, select Certificates & secrets > Client secrets > New client secret.

  2. Add a description for your client secret.

  3. Select an expiration for the secret or specify a custom lifetime.

  4. Select Add.

  5. Record the generated values in the Value and Secret ID fields. The secret value is never displayed again after you leave this page.

    You will need these values when updating the Python script. In particular:

    • The Value setting will be specified for the client secret .

    • The Secret ID setting will be specified for the client_id.

Add API Permissions

Then, add API permissions to the app registration.

  1. While still in the Microsoft Entra admin center, select Manage > API permission.

  2. Click Add a permission.

  3. You need the following permissions:

    • Dynamics CRM permission, with search user _impersonation.

    • Microsoft Graph permission, with Delegated permissions.

Get the Instance Value for Your Microsoft Dynamics Application

  1. Log in to Microsoft Dynamics 365 Box with arrow indicating navigation to external site.. Use the credentials you used when registering the application.

  2. Click on Dynamics 365 Customer Service.

  3. Look at the URL and find the instance value. For example, the URL might start with https://org25634.crm4.dynamics.com and the instance value is org25634. Note this value as you will need to add it to the Python script.

Customize the Python Script

NiCE provides a Python script that you must customize with values specific to your configuration.

  1. Open a text editor and start a file named generate_oauth_tokens.py.

  2. Copy and paste the lines of code from this TXT file into your Python file.

  3. Near the top of the file, paste the values collected above:

    • Set client_id to the Application (client) ID value from when you registered an application.

    • Set client_secret to the Value generated when you created a secret.
    • Set instance to the instance value collected.
    • Set tenant_id to the Object ID value from when you registered an application.

    • Set redirect_uri to the Redirect URIs that you configured.

  4. Save the changes to the script.

Run the Python Script

  1. Run the Python script.

    While the script is running, you will see the following:

  3. Open the link mentioned. Log into the appropriate Microsoft account used for application registration and getting the instance URL.

    You are then redirected to the AWS console where you can get the Auth code.

  4. Look for the part that says code=. The value after code= is your authorization code.

  5. Copy the entire URL the script generates. Paste it into the terminal when prompted for the redirected URL and press Enter.

    The action will store the tokens in the dynamics_tokens.txt file, based on the path specified in your script. Tokens created are for:

    • Auth code

    • Access token

    • Refresh token

    The access token is valid for an hour.

  6. Copy the tokens the script generates and store them in a secure location.