Paste the credentials
1
Open the Dynamics 365 integration modal
In your OpenCX dashboard, find the Dynamics 365 card and click Configure.
2
Fill in the four fields
3
Click Test & Save Configuration
OpenCX runs the verification described below. On success you’ll see a confirmation toast and the card flips to Active. On failure the save is rejected and nothing is written to the database.
What “Test & Save” does
Verification is two calls, not one. Both must succeed for the credentials to save.
- Token exchange — OpenCX POSTs to
https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/tokenwithgrant_type=client_credentialsandscope=<environment_url>/.default. A 400 here means Azure AD rejected the tenant/client/secret triple. - Dynamics probe — OpenCX uses the token to
GET <environment_url>/api/data/v9.2/incidents. A 401 or 403 here means the token is fine but the Application User or its security role isn’t. - Save — Only after both calls return 2xx does OpenCX upsert the row into
dynamics365_integration_settings(encrypted at rest).
Rotating the client secret
Azure AD client secrets expire. A few days before the expiry:- Create a new secret in the same app registration (Certificates & secrets → New client secret).
- Copy the new value.
- Open the OpenCX Dynamics 365 modal, paste the new secret, and click Test & Save Configuration.
- Delete the old secret in Azure once you’ve confirmed the new one works.
Disconnecting
Opening the modal and removing the settings row deletes the credentials from OpenCX. Incidents and Omnichannel live work items that were already created stay in Dynamics exactly as they are — disconnecting only stops OpenCX from creating new ones.Related Documentation
Conversations in Dynamics 365
Routing logic, contact dedupe, defaults, and observability.
AI Chat Widget in Dynamics 365
First channel to try — widget handoff lands as an Omnichannel live work item.
Troubleshooting
Credential verify fails, unassigned incidents, unlinked contacts.
Azure & Dynamics Setup
App registration, secret, Application User, security role.