Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Blogs / Dynamics GP Support and Services Blog / Modern Authentication and u...

Modern Authentication and upgrading to Microsoft Dynamics GP 18.5

Lucas Miller Profile Picture Lucas Miller

Hello Dynamics GP Community!

The support team has been tracking some reports of customers running into issues e-mailing after performing an upgrade to the Fall 2022 release of Dynamics GP (18.5.xxxx).   If you've just upgraded to Dynamics GP 18.5 and you're seeing that either you can no longer authenticate or send e-mail you may be running in a scenario where your App Registration in Azure AD needs to be upgraded.

What we are finding is that a change in either Dynamics GP or Azure AD is requiring additional rights under API Permissions in your App Registration in the Azure Portal.  When setting up the App Registration we've always directed you to add the Mail.Send delegated MSGraph permission.  Well, when a global administrator first authenticates from the Company E-mail Settings window in Dynamics GP 18.5, including granting the requested permissions it will now automatically assign an additional MSGraph permission called Mail.ReadWrite under the "Other permissions granted for %domain%" section of that window:

API-Permissions.png

So, what can you do to address this should you run into any issues?  Here's what we would recommend:

  1. First, log into Dynamics GP and navigate to Tools > Setup > Company > E-mail Settings. 
    1. Copy out your Application (Client) ID value
    2. Clear the Application (Client) ID field
    3. Click OK to save the change
  2. Now close and re-open Dynamics GP
  3. Re-open the Company E-mail Settings window
    1. Re-enter the Application (Client) ID value
    2. Tab off that field or click OK to receive the Sign In window
    3. Log in as a global administrator or another user who will have rights to update Azure AD
    4. You should then see the "Permission Requested" prompt.  Mark the "Consent on behalf of your organization" and click Accept.  This is what adds the Mail.ReadWrite API Permission

Grant-Consent2.jpg

You can then test emailing from Dynamics GP and you should see better results.  Since this new permission is added automatically during initial authentication and it doesn't exist under "Configured Permissions" we're not going to be changing how the App Registration should be initially setup at this time.

As always, let us know if you have any questions or issues around this.

Comments

*This post is locked for comments