Environment
The environments of Power Apps / D365 are stored in the primno.env.json file.
It store the authentication information to connect to environments.
Because this file can contains sensitive information, it should not be saved in a version manager.
By default, primno.env.json is ignored by Git through the .gitignore file.
This JSON file is a array of environment objects. Each environment object contains the following properties:
name: Name of the environment.connectionString: Connection string of the environment.
The primno.json file contains a environment property that references the environment to deploy to.
Example:
[
{
"name": "Default",
"connectionString": "AuthType=OAuth;Url=https://<Environnement>.crm.dynamics.com;UserName=<UserName>;Password=<Password>"
}
]
Connection string
The connection string is a string that contains the authentication information to connect to a Power Apps / D365 environment. Primno uses the connection string format of Xrm Tooling.
The provided connection must have a admin or a customizer role.
Connection string supports:
- Dataverse (Dynamics 365 online).
- Dynamics 365 CE (on-premises) since version 9.0.
To learn more about connection string, see:
A easy way to get a connection string is to use the XrmToolBox tool.
Create a new connection by the wizard and copy the connection string though the Show the connection string of this connection button.
Connection string provides many AuthType, but only OAuth is supported by Primno.
OAuth
To authenticate though OAuth, you must register an application in an authentication provider (ADFS or Azure AD) and set the AuthType property to OAuth.
Flow
The OAuth flow is determined by the parameters of the connection string.
| Parameters | Flow | MFA support | Description |
|---|---|---|---|
UserName and Password | User password | No | Authenticate with a user name and a password. |
ClientId and ClientSecret | Client credential | NC | Authenticate as a service principal, not a user. |
UserName only | Device code | Yes | Authenticate by a url and a code. |
Token cache
If you don't want to authenticate each time you run the CLI, you must enable persistent token caching by setting a file path in the TokenCacheStorePath property. Eg: ./cache/token.json.
The token is stored encrypted in the file and will be used for the next authentication.
If you switch between environments, but use the same account, set the same UserName and TokenCacheStorePath properties to connect without re-authentication.
Register an application
Dataverse
In Dataverse environment, you must register an application in Azure AD if you don't uses a Sandbox environment. To learn more, see Register an app in Azure Active Directory.
Sandboxes provides a pre-registered application that will be used if you don't specify the ClientId property.
On-premises
In on-premises environment, you must have set CBA (Claim-Based Authentication) configured or IFD (Internet Facing Deployment) by using ADFS 2019+ with OAuth 2.0 support enabled.
To register an application in ADFS, see Add-AdfsClient and Grant-AdfsApplicationPermission PowerShell commands.
Examples
| Environment | OAuth flow | Connection string |
|---|---|---|
| Dataverse | Device code | AuthType=OAuth;Url=https://<Environnement>.crm.dynamics.com;UserName=<UserName> |
| Dataverse | User password | AuthType=OAuth;Url=https://<Environnement>.crm.dynamics.com;UserName=<UserName>;Password=<Password> |
| Dataverse | Client credential | AuthType=OAuth;Url=https://<Environnement>.crm.dynamics.com;ClientId=<ClientId>;ClientSecret=<ClientSecret>;RedirectUri=<RedirectUri> |
| On-premises | User password | AuthType=OAuth;RedirectUri=<RedirectUri>;Url=https://<D365Url>;UserName=<Domain>\<UserName>;Password=<Password> |