Microsoft Dynamics 365 Integration
Connect Dynamics 365 Customer Engagement (Dataverse) to look up customers and orders from support tickets.
The Dynamics 365 integration connects your Dynamics 365 Customer Engagement environment (Sales / Customer Service / Field Service running on Dataverse) so the AI can look up customers and sales orders when a ticket comes in.
Authentication is server-to-server: you register an app in Microsoft Entra ID (formerly Azure AD), grant it permission to your Dataverse environment, and provide the credentials to Ticket0. No user sign-in flow is involved.
The steps below are tailored for Ticket0. For Microsoft's general reference (with screenshots that are kept up to date with the latest Entra UI), see Use Single-Tenant server-to-server authentication.
Prerequisites
- A Dynamics 365 CE environment running on Dataverse
- A Microsoft Entra ID admin who can register apps and grant tenant-wide consent
- A Dynamics environment admin who can create an application user and assign security roles
1. Register the app in Microsoft Entra ID
- Sign in to the Microsoft Entra admin center as a Cloud Application Administrator (or higher).
- Go to Identity → Applications → App registrations and click New registration.
- Name: Ticket0 - Dynamics integration (any name works — this is shown to admins, not to customers).
- Supported account types: select Accounts in this organizational directory only (Single tenant).
- Leave Redirect URI blank — this app uses client-credentials flow, no redirect is needed.
- Click Register.
On the app's overview page, copy the following — you'll paste them into Ticket0 later:
- Application (client) ID → this is the Client ID
- Directory (tenant) ID → this is the Tenant ID
2. Create a client secret
- With the app open, go to Certificates & secrets → Client secrets.
- Click New client secret.
- Give it a description (e.g. Ticket0) and pick an expiry. We recommend 24 months — Entra does not allow non-expiring secrets, and you'll need to rotate it before it expires.
- Click Add.
- Copy the Value (not the Secret ID) immediately — it's only shown once. This is your Client Secret.
The secret value is only displayed once. If you navigate away before copying it, you'll have to delete the secret and create a new one.
3. Grant the app permission to Dataverse
- In the app, go to API permissions → Add a permission.
- Pick Dynamics CRM (also labelled Common Data Service or Dataverse depending on your tenant).
- Choose Delegated permissions → check user_impersonation → click Add permissions.
- Back on the API permissions screen, click Grant admin consent for <tenant> and confirm. The status column should change to a green check mark.
Despite the name, user_impersonation is the correct permission for service-principal access to Dataverse. The app does not impersonate any specific user — Dataverse uses the application user you create in the next step to determine what data is accessible.
4. Create the application user in Dynamics
The Entra app needs a corresponding identity inside the Dynamics environment so Dataverse can apply security roles to it.
- Go to the Power Platform admin center.
- Select your environment → Settings → Users + permissions → Application users.
- Click + New app user.
- Click + Add an app, search for the app name from step 1, select it, and click Add.
- Pick the correct Business unit (usually the root one).
- Click Create.
After creation, open the new application user and assign at least one security role. For order/customer read access, the built-in Sales Person role is a reasonable starting point. If your team uses custom roles, assign one that grants read on account, contact, salesorder, and product.
5. Find your organization URL
In the Power Platform admin center, open your environment and copy the Environment URL. It looks like:
https://<orgname>.crm4.dynamics.com
The region segment (crm, crm4, crm12, etc.) varies by datacenter — copy it exactly.
6. Connect in Ticket0
- In Ticket0, go to Settings → Integrations and click Add integration.
- Select Microsoft Dynamics 365 as the provider.
- Fill in:
  - Name — anything (e.g. Production Dynamics)
  - Organization URL — the URL from step 5
  - Tenant ID — from step 1
  - Client ID — from step 1
  - Client secret — from step 2
  - Customer lookup — pick the entity Ticket0 should search when a ticket comes in:
    - Both (default) — search contacts first, fall back to accounts
    - Contacts only — for B2C deployments
    - Accounts only — for B2B deployments where customers are organizations
- Click Add integration, then click the Test button on the new integration.
A successful test calls the Dataverse WhoAmI endpoint and returns your organization ID. If it fails, see Troubleshooting.
What the AI can look up
When a ticket comes in, the AI uses the connection to fetch:
- Customer — by email address, returning name, phone, and the entity type (contact or account)
- Sales orders — by order number or salesorder GUID, returning status, line items (with product names and SKUs), total, and requested delivery date
The status string combines the statecode and statuscode formatted values (e.g. Active / In Progress).
Limitations
- No refunds. Dataverse CE has no native refund concept — companies model it differently (cancelled orders, credit memos, custom tables). Refund lookups always return empty.
- No tracking number. CE does not have a built-in shipment tracking field. If your team stores tracking numbers in a custom field, that's currently not surfaced.
- No total-spent rollup. Dataverse doesn't expose a per-customer spend rollup by default; we don't compute one ourselves to keep the lookup fast.
Troubleshooting
| Error | Solution |
|---|---|
| Microsoft Entra error: invalid_client | The client secret is wrong, has expired, or you copied the Secret ID instead of the Value. Generate a new secret. |
| Microsoft Entra error: AADSTS700016 (application not found) | The tenant ID or client ID is wrong. Verify both on the app's overview page. |
| Dataverse API error: 401 Unauthorized | The app registration has Dataverse permission but no application user exists in the environment. Repeat step 4. |
| Dataverse API error: 403 Forbidden | The application user exists but has no security role with read access to the entity. Assign Sales Person or a custom role with read on account/contact/salesorder. |
| Dataverse API error: 404 Not Found (on test) | The organization URL is wrong, or the region segment is incorrect (e.g. crm vs crm4). Copy it from the Power Platform admin center. |
| Order found by GUID but not by order number | The connector matches ordernumber exactly. Make sure the value the AI receives matches what's in Dataverse, including any prefix like ORD-. |
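The connection test from step 6 can be reproduced outside Ticket0 to see which row of the table applies. The Python below is an added example, not Ticket0's code; it assumes the commercial-cloud login host and the v9.2 Web API path, and its function names are illustrative.

```python
import json
import re
import urllib.error
import urllib.parse
import urllib.request

# Commercial-cloud hosts only (assumption); region segment is crm, crm4, crm12, ...
ORG_URL_RE = re.compile(r"https://[a-z0-9-]+\.crm\d*\.dynamics\.com")

def token_request(tenant_id, client_id, client_secret, org_url):
    """Build the client-credentials token request for one Dataverse environment."""
    org_url = org_url.rstrip("/").lower()
    # Reject anything that is not a Dataverse host, so the bearer token
    # obtained with this request is never sent to a mistyped or look-alike URL.
    if not ORG_URL_RE.fullmatch(org_url):
        raise ValueError(f"not a Dataverse environment URL: {org_url}")
    form = {"grant_type": "client_credentials", "client_id": client_id,
            "client_secret": client_secret, "scope": f"{org_url}/.default"}
    return urllib.request.Request(
        f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token",
        data=urllib.parse.urlencode(form).encode(), method="POST")

def diagnose(stage, status, body=""):
    """Map a failed response to the matching troubleshooting row."""
    if stage == "token":
        if "AADSTS700016" in body:
            return "tenant ID or client ID is wrong"
        if "invalid_client" in body:
            return "client secret is wrong, expired, or the Secret ID was pasted"
        return f"unrecognised Entra error (HTTP {status})"
    return {401: "no application user in this environment (repeat step 4)",
            403: "application user has no security role with read access",
            404: "organization URL or region segment is wrong",
            }.get(status, f"unrecognised Dataverse error (HTTP {status})")

def connection_test(tenant_id, client_id, client_secret, org_url):
    """Return (True, organization ID) from WhoAmI, or (False, diagnosis)."""
    stage = "token"
    try:
        req = token_request(tenant_id, client_id, client_secret, org_url)
        with urllib.request.urlopen(req, timeout=15) as resp:
            token = json.load(resp)["access_token"]
        stage = "dataverse"
        who = urllib.request.Request(
            f"{org_url.rstrip('/')}/api/data/v9.2/WhoAmI",
            headers={"Authorization": f"Bearer {token}"})
        with urllib.request.urlopen(who, timeout=15) as resp:
            return True, json.load(resp)["OrganizationId"]
    except urllib.error.HTTPError as err:
        return False, diagnose(stage, err.code, err.read().decode(errors="replace"))
```

Read the client secret from an environment variable or a secret store when calling `connection_test`, so it does not end up in shell history.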
Rotating the client secret
Entra secrets expire. The integration UI doesn't yet support editing credentials in place, so the rotation flow is:
- In the app, go to Certificates & secrets and create a new secret. Copy the Value immediately.
- In Ticket0, go to Settings → Integrations, delete the existing Dynamics integration, and add a new one with the new client secret (keep tenant ID, client ID, and org URL the same).
- Click Test on the new integration to confirm.
- Once it works, delete the old secret in Entra.
If you rely on the integration around the clock, set a calendar reminder a week before secret expiry so the rotation happens before the secret stops working.
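The reminder can also be automated. This added example (not part of Ticket0) audits the passwordCredentials array that Microsoft Graph returns for the app registration. It flags a secret inside the one-week window and any older secret left valid after a rotation; the sample data, finding labels and function names are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample: the original secret plus one created during a rotation.
SAMPLE = json.loads("""[
  {"displayName": "Ticket0", "keyId": "00000000-0000-0000-0000-000000000001",
   "startDateTime": "2023-06-01T08:00:00Z", "endDateTime": "2025-06-01T08:00:00Z"},
  {"displayName": "Ticket0 (rotated)", "keyId": "00000000-0000-0000-0000-000000000002",
   "startDateTime": "2025-05-20T08:00:00.1234567Z",
   "endDateTime": "2027-05-20T08:00:00.1234567Z"}
]""")

def parse_ts(value):
    """Parse a Graph timestamp; fractional seconds vary in length, so drop them."""
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def audit_secrets(credentials, now, warn_days=7):
    """Return (finding, secret label) pairs for one app registration."""
    live, findings = [], []
    for cred in credentials:
        label = cred.get("displayName") or cred["keyId"]
        end = parse_ts(cred["endDateTime"])
        if end <= now:
            findings.append(("expired", label))
        else:
            live.append((parse_ts(cred["startDateTime"]), end, label))
    live.sort(reverse=True)  # newest secret first
    if not live:
        findings.append(("no-valid-secret", None))
    elif live[0][1] - now <= timedelta(days=warn_days):
        findings.append(("rotate-now", live[0][2]))
    # After rotation only the newest secret should remain; every older
    # unexpired secret is still a working credential until it is deleted.
    findings += [("delete-old", label) for _, _, label in live[1:]]
    return findings

if __name__ == "__main__":
    for finding in audit_secrets(SAMPLE, datetime.now(timezone.utc)):
        print(finding)
```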