Hi folks, in this blog post, I will explain the process to create from scratch an Azure DevOps service account which you can use in Azure DevOps pipelines for Power Platform projects.
Sign in to the Azure portal at portal.azure.com, search for Azure Active Directory, navigate to the “App registrations” page and click + New registration
Provide the app registration details, i.e., type a name for the app, such as “AzDevOpsPowerPlatformSvcAccount“, choose the appropriate “Supported account type“, i.e., “Accounts in this organizational directory only ({tenant name} – Single tenant)“, and click Register.
In the application Overview page, navigate to Manage – API permissions and select + Add a permission
Select APIs my organization uses, type and search for Dataverse and select it
Select Delegated permissions – user_impersonation and click the Add permissions button.
On the left-hand side bar, select Manage – Certificates & secrets – Client secrets and click + New client secret.
Click Add to generate the client secret, type a description and select the client secret expiration date.
Important: Note down the Application (client) ID, Directory (tenant) ID and the Client secret value. As shown in the images below.
Sign in to the Power Platform admin centre.
In the left-hand side navigation pane, click Environments, select the desired environment and on the top menu click Settings.
Under User + permissions, select Application users
Click + New app user
Select + Add an app
Search for the Application (client) ID noted in a previous step and click the Add button.
Type a name for the new app user, select the Business unit and click Create.
Important: The Power Platform Build Tools extension should be downloaded and installed before creating a service connection to the Azure DevOps organization.
From the bottom left pane, select Project settings – Pipelines – Service connections
Click the button Create service connection
Type Power Platform, select it and press Next
Enter all the Power Platform service connection details as shown below and click Save.
Settings | Value |
Server URL | Type the Dynamics environment URL, i.e. ########.crm4.dynamics.com |
Tenant Id | Type the Directory (tenant) ID |
Application Id | Type the Application (client) ID |
Client secret of Application Id | Type the Client secret value |
Security | Select Grant access permission to all pipelines |
The newly created service connection will be shown under the Service connections section.