How do I make an account that can only read Dyn365 for syncing purposes

Question

Hi all, I am trying to create an account in Azure AD for the sole purpose of reading Dyn365 data. I need this for to sync some data to a program outside of Azure. I can't use a normal account as they all require MFA and this service runs automatically. I can't figure out how to do this as I'm quite new to AzureAD Thanks in advance Ruben

Answer 1

To create an account in Azure AD that can only read Dyn365 data for syncing purposes, follow these steps:

1. Log in to your Azure portal and go to the Azure Active Directory section.
2. Click on "Users" and then click on "New User" to create a new user account.
3. Fill in the required information for the user account, such as the user's name and username.
4. Under "Roles", select the "Read Only" role. This will give the user read-only access to Dyn365 data.
5. Under "Groups", add the user to a group that has access to the Dyn365 data you want to sync.
6. Under "Authentication methods", disable all authentication methods except for "Password". This will ensure that the account can be used for automated syncing without requiring MFA.
7. Set a strong password for the account and make note of it for use in your syncing program.
8. Save the user account and use the username and password in your syncing program to access the Dyn365 data. I hope this will help.