A Fenwick Gold Account is used to link your subscription licenses to your system.
If you are running in an On-Premises environment, you will need to have an Azure AD tenant setup for your organization.
If you're using a Microsoft-hosted SaaS version of Business Central, please see Creating your Fenwick Gold Account.
- Part 1. Link your service tier to your Azure AD Tenant
- Part 2. Start the create account wizard
- Part 3. Creating the App Registration
- Part 4. Create a Client Secret for an App Registration
- Part 5. Configure the App registration with the correct API permissions
Part 1. Link your service tier to your Azure AD Tenant
The Service Tier needs to be configured to connect to your Azure AD Tenant. If you already use Office 365 Authentication you don't need to re-do this step.
This section is a shortened version of the Single Sign-On guide by Microsoft. You may wish to reference this guide for more information about specific values.
You can get your Directory (tenant) ID from the Azure AD Properties page for your tenant.
- Open the Business Central Administration tool
- Select your instance from the left hand side
- Under the Azure Active Directory (Azure AD) section, update the WS-Federation Login Endpoint to the following value (replacing [AADTENANTID] with your Directory (tenant) ID):
https://login.microsoftonline.com/[AADTENANTID]/wsfedOr, you can directly add/update the value in the CustomSettings.config:
<add key="WSFederationLoginEndpoint" value="https://login.microsoftonline.com/[AADTENANTID]/wsfed" />
- Save the file and restart the service tier.
For multi-tenant deployments, the Tenant ID is set as part of the tenant mounting procedure.
Part 2. Starting the create account wizard
The steps in this guide work along with the Create Account wizard within Dynamics 365 Business Central. Throughout the guide you'll need to copy and paste some values back into the wizard.
You can access this Assisted Setup, or by clicking Create Account on the Fenwick Gold Subscriptions page.
Part 3. Creating the App Registration
An App Registration will need to be setup on your Azure AD tenant to allow Fenwick Gold Account to securely communicate with our billing service.
These steps are based off the detailed Microsoft guide to help you set up a new App Registrations on your Azure AD Tenant.
You can use an existing app registration if it has already been setup for your Business Central app (skip to step 4).
Fenwick or your IT may complete these steps for you using a CSP/delegated admin account.
- Open your Azure Management Portal as an administrator.
- Click on New Registration in the App Registrations page.
- Provide a Name (i.e. Business Central Fenwick Gold Account) for the app registration and click on Register.
- Copy the Application (client) ID value and paste it in the Gold Account wizard.
Part 4. Create a Client Secret for the App Registration
A client secret allows Fenwick Gold to securely communicate with the Gold Account application installed on your Business Central.
- Select Certificates & Secrets for the app registration and click on New Client Secret.
- Provide a Description for the secret and click on Add. We recommend noting down the secret expiry date in your calendar so you can renew it when required.
- Copy the value using the copy button and paste it in the Gold Account wizard Client Secret field. Then click Next to proceed.
- Click Next.
Part 5. Configure the App registration with the correct API permissions
API permissions are required to authenticate communications between Business Central and your Azure Active Directory.
- Select API Permissions for the registered app and then click on Add a Permission.
- In the section APIs my Organization uses, locate Fenwick Gold Account.
- Select All permissions and click on Add permissions.
- Select the API/Permission Name and grant it Admin Consent.
- Click Next in the Gold Account wizard.