Application user

I would like to have an application user who can execute workflows and register plugins through him.

I created it as follows:

In Azure Active Directory ->

  • App-Registrations

New application registration -> Overview

-> Application-ID (Client)

-> Directory-ID (Mandant)

-> Object-ID

  • Manifest

Change -> „allowPublicClient“: true

  • API-Permissions

Berechtigung hinzufügen -> Dynamics CRM (Access Common Data service as organization users) -> Administratorzustimmung erteilen

  • Certificates & secrets

Create new certificat Client key

In Azure Active Directory

Create new user -> Profil: User Principal Name, Objekt-ID  

Create and Configure the Applikation User

Here i associate the above Application ID inside Dynamics 365

  • Dynamics 365 -> Settings -> Security - > Users -> Switch the view to Application Users and click a New 
  • then Switch to Application User form and specify the Application ID of the application the i registered earlier and specify Full Name and the Primary Email. The platform populate automatically the Application ID URI and Azure AD Object ID then i go to ->
  • Manage role -> Manage user roles and i add roles: Common Data Service user Systemadministrator 

But when i try to log in to Plugin Registration Tool i get  this error:

Error : You don't have permission to access any of the organizations in the Microsoft Common Data Service region that you specified. If you're not sure which region your organization resides in, choose "Don't know" for the CDS region and try again. Otherwise check with your CDS administrator.
Parametername: EMEA
Stack Trace : Not Provided

LOGIN TO DYNAMICS 365 -> ERROR -> Username does not belong to the D365 Test Environment organization.

should I add a few more roles or what should I do so that everything works. What am I doing wrong.

Please i need please urgent your help.