Microsoft Dynamics 365 Integration Global Admin Role

Brandon45 · ‎03-20-2024

Hey Team!

I'm currently in the process of integrating Microsoft Dynamics 365 with ServiceNow. There's a requirement that when establishing the connection, a global admin has to physically log in to the microsoft platform in order for the integration to work. Best practice would have us use a Service Account with said admin role complete this log in step, however we will be unable to go this route due to security concerns over giving such a high level role to a third party account. Has anyone had any experience with this integration, and if so, could you provide some insight to the following questions:

When refreshing the token, did this process happen automatically, or did the global admin user have to go into servicenow to then log in to microsoft and refresh?
Did you go the route of using a global admin account, or were you able to do it using a lesser role?

Thanks for any help you can provide!

Taksh · ‎04-02-2024

Hi @Brandon45

As per our initial analysis, app developer role should suffice. However, we'd recommend raising a support case if you wish to receive complete solution in terms of connection setup.

View solution in original post

Taksh · ‎04-01-2024

Hi @Brandon45

1) Token refresh happens automatically and it does not require the user to authenticate again. Authentication is required only once at the time of integration setup

2) We're currently analysing lesser role and expecting to release implementation/documentation changes soon. Stay tuned !!

Brandon45 · ‎04-01-2024

Thanks for the insight Taksh! If you could reply with the lesser role that you suspect might work, it would be greatly appreciated (currently working on a bit of a time crunch, so even speculation at this point is appreciated).

Brandon45 · ‎04-01-2024

Thanks for the insight, Taksh! If you have a suspected lesser role in mind, would you mind informing me of it? Operating on a bit of a time crunch, so even speculation may prove beneficial at this point. (also, if you see a duplicate reply, apologies, something has glitched)

Taksh · ‎04-02-2024

Hi @Brandon45

As per our initial analysis, app developer role should suffice. However, we'd recommend raising a support case if you wish to receive complete solution in terms of connection setup.