I have registered a custom mobile app in azure, and the mobile app integrates with AX for data. My doubt is do I have to give a system administrator role for the users to access the data from AX or only system user is fine?
could anyone please let me know what exactly is the use of this form in d365fo,
Whether you need the form at all depends on how you’ve registered the app in Azure Active Directory.
If as a web application and you use a client secret for authentication, you must create a record in the form and decide which user in F&O will be used for connections from the app.
If it’s registered as a native app and you authenticate with username and password, you don’t need the form. The user is already known.
Anyway, the best practice for any permissions is granting as little as possible. For instance, if the goal is reading prices from a single entity, why would you grant permissions to read and change everything? It would be a significant security risk.
We have used a client secret authentication.
And what I have understood from your reply is we can give users role based on how much the content they have to see.
Do we have to create a role specifically for this purpose, like to grant the user from that app to 365fo or should we have to map the existing roles that are already available in d365fo?
It’s up to you. If you have a suitable role, use it, if none role is suitable, create a new one.
Thanks for your reply Martin.