# Microsoft Dynamics CRM
Microsoft Dynamics CRM (opens new window) is a customer relationship management software package developed by Microsoft. It is built on the Microsoft Dynamics 365 platform, allowing users to easily extend and tailor the application for their business.
# How to connect to Microsoft Dynamics CRM on Workato
|Connection name||Give this connection a descriptive name to indicate which Dynamics CRM instance it is connected to.|
|Subdomain||The subdomain of your Dynamics CRM instance.|
|Account type||Indicate if you are connecting to a cloud instance or an on-premise instance.|
|AD domain Name |
Only for on-premise instance
|The Active Directory server.|
|Client ID||The client ID.|
|Client secret||The client secret.|
# Connecting to a cloud Microsoft Dynamics CRM instance
In order to connect to Microsoft CRM Dynamics on Workato, you need to obtain a client ID by registering your Microsoft CRM Dynamics app with Azure Active Directory. We walk through the process of registering Microsoft CRM Dynamics below.
- Sign in to the Microsoft Azure management portal by using an account with administrator permission. You must use an account in the same Office 365 subscription (tenant) as you intend to register the app with.
Microsoft Azure homepage
- Click App registrations.
App registrations is located on the navigation menu on the left
- If you already have an application, use that ID. If not, proceed to click Add. Provide a name for the application to add (typically "Workato"). Choose the account type as "Accounts in this organizational directory only (Single tenant)" and provide a redirect URI value of
https://www.workato.com/oauth/callback. Click Register in the bottom of the page.
Register the application
- Your new application will be displayed on your app registrations. Select your new app to open the app details.
Select the newly created application
- In your app details page, create a Client Secret under the Certificates & Secrets section. This will be required for the connection setup.
Create client secret
- In the right menu click API permissions > Add a permission.
Click Required permissions
- Select Dynamics CRM from the Microsoft API tab.
Select Dynamics CRM Online API access
- Select Delegated permission, then check the user_impersonation checkbox. Select Add permissions.
- Retrieve the application (client) ID as the client ID to connect to Workato.
Retrieve the Application ID
- Retrieve the Client secret to connect to Workato.
Retrieve client secret
- Extend the refresh token expiration time if required.
# Connecting to an on-premise Microsoft Dynamics CRM instance
In order to connect to Microsoft CRM Dynamics on Workato, you need to obtain a client ID by registering Microsoft CRM Dynamics App with Active Directory Federation Service. Click here (opens new window) to read more on how to register an on-premise Dynamics app with Active Directory Federation Service.
Remember to extend the refresh token expiration time if required.
# Extending refresh token expiration time
Whenever you connect to a Dynamics app, Workato gets an access token to be able to read and write to your Dynamics instance. This access token is valid until its expiry date. Workato also gets an accompanying refresh token with this access token. Whenever your access token expires, Workato can request for a new access token with the refresh token. Dynamics will check that this refresh token is still valid (i.e. the token has not been revoked), and provide a new pair of access and refresh tokens.
However, refresh tokens have expiry dates as well. If both access token and refresh token expires before Workato requests for new tokens, the Dynamics connection will no longer be valid, and a re-connection is required from the user. When this happens, Workato's requests to Dynamics will get a 400 response. If you are using a Dynamics CRM trigger, this results in your recipe experiencing trigger errors. If you are using a Dynamics CRM action, this results in job errors.
To ensure your recipes run continuously without requiring intervention, extend your refresh token expiration time, or set it to unlimited. You can apply and scope it to an OAuth application instead of applying it to the entire organization.
Read more about token lifetimes in the Microsoft documentation (opens new window).