Skip to main content

Enabling Multi-factor authentication for BC Cloud Web Services data sources within the Jet Hub

This features is available in Jet Reports 20.8.1 and higher.

Overview

If your organization is enforcing Multi-Factor authentication to sign into your Dynamics 365 Business Central Cloud Web Services data source and you are planning to use the Jet Hub, then you’ll need to setup an additional Azure App Registration.

This guide is intended for users with administrator access to their Azure portal.

This functionality does not require additional or premium licensing on the part of Microsoft Entra ID.

Note: This step is not required for running reports in the Jet Excel Add-in as MFA is natively supported in that configuration. This is required for users who will use the Hub and not the Excel Add-in.

Register your App

  1. Sign in to your Azure portal (portal.azure.com)

  2. Go to your Microsoft Entra ID.

  3. Click App registrations.

    • Click +New registration to register a new app.

    • Give your App a recognizable name.

    • Under Supported Account Types , select Accounts in any organization directory (Any Azure AD directory - Multitenant)

    • Under Redirect URI (optional) , select the type of Web and enter your Jet HubURL followed by "/DataSources/Authorize"

      This entry must start with https:// and contain the base URL that your users will use to sign in to your Jet Hub. The URL could contain the machine name to which you will install Jet Hub or the DNS entry for this site. Examples are: https://myservername.mydomain.com/DataSources/Authorize https://dnsname.mydomain.com/DataSources/Authorize Copy your entered Jet Hub Redirect URL value and paste into Notepad (or other text editor) for saving. This will be used in a future step.

    • Click Register

    aad_register_app_config_mfa.png

Configure your App

Now that your app is registered, there are additional settings that are needed.

  1. Go to the Authentication page.

    Select ID tokens (Used for implicit and hybrid flows) , then select Save.

    id_token_select.png

  2. Select Add a platform > Mobile and Desktop applications. The Configure Desktop + devices window is displayed.

  3. In Redirect URIs, select https://login.microsoftonline.com/common/oauth2/nativeclient, and then click Configure.

  4. On the Certificates & secrets tab, click +New client secret to set up your Client Secret

    2021-04-05_11-12-11.png

    • Give your client secret a description, select when it expires, then click 'Add'.

      Never is recommended for the Jet app expire option.

      Copy the generated secret value and paste into Notepad (or other text editor) for saving.

      This will be your only chance to copy it, and it will be required information during the install of Jet Products. If you forget to copy it, you can just create another secret.

  5. Navigate to the API permissions tab, click +Add a permission , and click Dynamics 365 Business Central.

    • Select Dynamics 365 Business Central

      • Select Delegated permissions
      • Check the user_impersonation checkbox
      • Click Add Permissions

  6. From the API Permissions page, click the Grant admin consent for <DomainName> button. Then, click Yes in the confirmation dialog.

  7. Go to the Overview page and copy the Application (Client) ID and the Directory (tenant) ID and paste them into Notepad (or other text editor) for saving. This will be used in a future step.

Open Jet Hub settings with an administrator account

  1. Go to the Data Source Setup page and select your BC Cloud data source. The Business central Cloud page is displayed.

    2. Select the Authentication tab, and enter the following details provided by your BC Cloud service provider, and click Save.

      • Microsoft Entra ID tenant ID
      • Client application ID
      • Microsoft Entra ID application Secret

    mfa_settings_hub.png

  2. Navigate to the reports screen and try running a report that is using a Business Central Cloud Web Services data source.

    • Sign in to your Jet Hub
    • Run or upload a report using a Business Central Cloud Web Services data source
    • Click the Sign in with Microsoft button

    • A new tab will open which will allow you to sign in using Microsoft's authentication. After completion, the tab will close.
    • You're now using your Multi-factor enabled account within the Jet Hub.
    • Run or upload a report using a Business Central Cloud Web services data source to verify that your data source has been setup correctly.

Was this article helpful?

We're sorry to hear that.