Syvantis Technologies, Inc.

View Original

Dynamics 365 Business Central user authentication with Azure Active Directory

When discussing any potential software implementation, there are always questions about how the system will be accessed by the users. There is usually concern over how a user is going to be authenticated and authorized so that they can access important data. Security is certainly one issue, but the ease of access itself can often leave a lot to be desired. Couple that with the need to sign into multiple websites or applications at the same time just to effectively complete day to day work can sometimes be quite overwhelming.

Thankfully, Microsoft has been working on this problem for a very long time and has built a cohesive system of authentication in Azure Active Directory (Azure AD). Many programs including Microsoft 365 and Dynamics 365 utilize Active Directory to conduct authentication, but this blog will focus on Dynamics 365 Business Central Online and how it uses Active Directory to create seamless integration between most of Microsoft’s products.

Azure Active Directory is a back-end service that is frequently talked about in conjunction with Microsoft products. For most people without a high level of technical experience, the service itself can be difficult to fully understand, but it is not all that complicated to get a basic understanding of. Microsoft defines Azure AD as “a cloud service that provides identity and access capabilities, such as for applications on Microsoft Azure, Microsoft Office 365, and for applications that install on-premises.” Basically, Azure Active Directory is a fully online service that allows Microsoft products to identify and provide access to users that have been setup inside it. This may not seem all that exciting, but it is fundamental to how Microsoft’s authentication systems work. In most Microsoft cloud-based programs, this service works behind the scenes to ensure data is kept safe.

Even more importantly, however, this provides a very simple authentication tool which allows users to login to a single Microsoft product and have access to all the tools they need without the extra hassle of remembering passwords or signing in and out. Azure AD is a powerful mechanism that solves the authentication question in a smooth and simple manner and allows for the implementation of  important business applications with little outside security risk.

Azure Active Directory is a great service, sure, but it is only a service. By itself, it can do very little and for it to have a purpose, it needs something to protect. Thankfully, there is no shortage of Microsoft business applications, and even custom-built applications, that Azure AD can connect to, not the least of which is Dynamics 365 Business Central Online. For many people who are familiar with the older on-premises style accounting systems, such as Dynamics GP or Dynamics NAV, the process of loading into an instance of the system can be a pain.

If the system is not already hosted on a cloud-based platform, it can be incredibly difficult to access remotely, requiring virtual machines or something similar. If it is a cloud-based platform, the likelihood that the software is hosted on something that requires a separate password and login is very high.

Moreover, it is frequently the case that after signing into the system, it takes over an entire screen’s worth of desktop space on a computer. Business Central Online, when used with Azure AD is a solution to all these problems that traditional on-premises or hosted systems may bring up.

First, an advantage that Business Central Online has over other systems is that it is a completely online cloud-based ERP software. This is not the case with the vast majority of other programs, even other programs that Microsoft offers. When other programs are hosted on the cloud, the same problems arise because they are fundamentally the same program just put into a different location. Business Central Online has never existed outside of the cloud and this offers significant advantages over the other programs. The best part? Business Central runs natively in web browsers. This eliminates the problem of desktop space because the sign in does not require any sort of virtual machine or a full screen program.

While this is not strictly an advantage that Azure AD provides, it is an important distinction between the two sign-in experiences. AD does provide, however, for all the other benefits that a Business Central sign-in has.

The real advantages that Azure Active Director provides to Business Central Online is that it allows for use with the universal Microsoft account. The normal Microsoft work account which is used across the entirety of the Office 365 and Dynamics 365 suites can be hooked directly into a Business Central Online instance. Thus, Business Central Online only requires a single password to be remembered for sign-in.

Typically, on a hosted or on-premises program there will be a login to the portal where the program is hosted, followed by a login to the program itself. Some of these passwords may expire and require constant resetting and remembering of the new password.

Not only does Business Central Online not fall into this trap, but it goes further. It allows for a single sign-on experience to persist across all Microsoft sign-ins. If a user wished to go check their email through the Microsoft Office 365 portal, they could sign in to the portal, open up Outlook, respond to some emails, then open up an instance of Business Central in a separate tab without signing in again. This may seem like a small benefit that is provided to the user, but the amount of time that gets lost over the process of setting, resetting, and logging into programs over the course of a year is already high enough without needing to add more passwords to that list.

Yet, that is not the only benefit of the use of a Microsoft account through Azure AD. Not only does this provide for ease of access, but it also provides the vital security that a system containing an entire company’s financials would require. By providing such a solid foundation for authentication in the Microsoft account, the concern over potential security breaches drops significantly and falls to the individual users themselves. Effectively, only user error will compromise the safety of a system, which, when trained properly, should never occur.

In the end, Azure Active Directory assists Business Central in standing out from the crowd of other accounting software. It provides a much better sign-in experience and significantly higher ease of use by utilizing the Microsoft account. Truly, Azure AD empowers Business Central into providing users a sign-in that other programs simply cannot do.