Data provisioning
General settings
Business Central does not support deleting accounts. Select the Account deletion unsupported checkbox:
Connector settings
| Parameter | Description |
|---|---|
| Base address | https://api.businesscentral.dynamics.com/v2.0/{enviroment_name}/api/microsoft/automation/v2.0/companies({company_id})/ |
| Authentication mode | OAuth2 |
| OAuth Grant Type | Custom |
| URL for Authorization token | https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token |
| OAuth Static Token Type | Bearer |
| Auth request body | grant_type=refresh_token&client_id={client_id}&client_secret={client_secret}&refresh_token={refresh_token}&scope=https://api.businesscentral.dynamics.com/.default offline_access |
| Auth request content type | application/x-www-form-urlencoded |
| Authentication server response format | JSON |
| Access Token Location | access_token |
| Authorization header | Authorization |
| Content type header | application/json |
| Accept header | application/json |
| Headers | {"Request":{"If-Match":"*"}} |
| Test connection | Select the checkbox |
| Test query | users |
Task mappings
Out of the box, Omada provides the following mappings:
Business Central user
Mappings of account assignments to Business Central user assignments. The object is used to update and deactivate user (account).
| Parameter | Operator | Source |
|---|---|---|
| Object Id | Map | ObjectId |
| Object type | Constant | BusinessCentralUser |
| Operation | Map | Operation |
| userSecurityId | Expression | Operation == "Update" ? ROPE_DistinguisedName : null |
| newUsers[].firstName | Expression | Operation == "Update" && ROPE_Disabled == true ? "Disabled" : "Enabled" |
Business Central group assignments
Mappings of group assignments to Business Central users. The object is used to add and delete users in groups.
| Parameter | Operator | Source |
|---|---|---|
| Object Id | Expression | ObjectId |
| Object type | Constant | BusinessCentralUserGroupMember |
| Operation | Map | Operation |
| userSecurityId | Map | ROPE_DistinguisedName |
| code | Expression | Operation == "Create" ? ROPE_ResourceIdentifier : null |
| userGroupMemberId | Expression | Operation == "Delete" ? ROPE_ATTR_C_USERGROUPMEMBERID : null |
Business Central user permission assignments
Mappings of permissions assignments to Business Central users. The object is used to add and delete user permissions.
| Parameter | Operator | Source |
|---|---|---|
| Object Id | Expression | ObjectId |
| Object type | Constant | BusinessCentralUserPermission |
| Operation | Map | Operation |
| userSecurityId | Map | ROPE_DistinguisedName |
| roleId | Expression | Operation == "Create" ? ROPE_ResourceIdentifier : null |
| userPermissionId | Expression | Operation == "Delete" ? ROPE_ATTR_C_USERPERMISSIONID : null |
RoPE configuration
-
Open the RoPE configuration file:
- On-prem:
\Omada Identity Suite\Role and Policy Engine\Service\ConfigFiles - Cloud: In the Cloud Management Portal, navigate to Environments. In the environment row, from the drop-down menu, select Configure. Choose the RoPE configuration tab.
- On-prem:
-
Add the following lines under the Attribute Value Resolver extension (change the key value in case you already have that specific key defined):
<add key="1" extraInfo="Business Central Group" name="userGroupMemberId" value="C_USERGROUPMEMBERID" />
<add key="2" extraInfo="Business Central Permissions" name="userPermissionId" value="C_USERPERMISSIONID" />