The automated process of user provisioning becomes common in many projects. Often, the process includes components outside of Dynamics 365 such as creating a user in Azure Active Directory, assigning plans and licenses and adding user to AAD groups. All of these can be automated using the Microsoft Graph API.
In this post, I’ll demonstrate assigning Microsoft Dynamics 365 license to an existing user with Postman. You can later convert Postman requests to JS or C# code or use in Flow and Logic Apps.
- Have Postman application installed
- Have access to Office 365 and Azure environments
- Register a new Web App/API in Azure AD with a Client Secret and copy Application Id key, callback URL and secret to Notepad.
Make sure your app is granted the ‘Read directory data’ privilege
- Set a request to retrieve available SKUs
In Postman, create a new GET request to the following address, after replacing<YOUR_DOMAIN_NAME> with your actual domain name (e.g. bikinibottom.onmicrosoft.com)
- Get an Authorization Token
Before actually accessing the Graph API, you’ll need an access token to authenticate your requests.
Click the Authorization tab, and set type to OAuth2.0.
Click the Get New Access Token and select the Authorization Code option for the Grant type attribute In the dialog opened.
Fill in the Client ID, Client Secret and Callback URL details copied previously to Notepad.
Click the ‘Request Token’ button to receive a dialog containing an Access Token. Scroll down and clock ‘Use Token’ button
- Retrieve Subscriptions
Click ‘Send’ to execute therequest which will retrieve a list of commercial subscriptions that your organization has acquired.
If you have Dynamics 365 licenses, the following node will be included in the response.
Copy the skuId value which will be used in the next step.
- Assign License to User
Create an additional POSTrequest to assign license to user with the following URL. Replace the target user principal name
(e.g. firstname.lastname@example.org) https://graph.microsoft.com/v1.0/users/<USER_PRINCIPAL_NAME>/assignLicense
In the Authorization tab, set the same settings as the first request. As you already have a token, no need to get a new one.
Add a header of Content-Type = application/json
Set the request body with the previously copied skuId
Click ‘Send’ to send the request and assign Dynamics 365 license to the target user.
A correct response looks like this