I'm trying to connect to Microsoft Dynamics Marketing OData Data Service. This page lists the OData feeds for ready-only access, but does not have any information about how to authenticate against it.
I have been trying to acquire an Access Token using Microsoft.IdentityModel.Clients.ActiveDirectory -Version 1.0.4 like this:
var authenticationContext = new AuthenticationContext("https://login.windows.net/" + domainName);
var authenticationResult = authenticationContext.AcquireToken(resource, clientId, redirectUri);
var token = authenticationResult.AccessToken;
The domainName is like contoso.onmicrosoft.com but I do not know what to use for the clientId, redirectUri, resource.
I have tried many different combinations and have had errors such as:
invalid_request: AADSTS90027: The client 'xxxxxxxx-9068-486b-bdd2-dac26b8a5a7a' and resource 'Microsoft.DynamicsMarketing' identify the same application.
and
access_denied: AADSTS65005: The client application has requested access to resource 'Microsoft.DynamicsMarketing'. This request has failed because the client has not specified this resource in its requiredResourceAccess list.
I think I am close with this. I have registered an application in Azure AD as a Native Client App and used its clientId and redirectUri with Microsoft.DynamicsMarketing as the resource. I found this from the Service Principal listing, Get-MsolServicePrincipal using the "Windows Azure Active Directory Module for Windows PowerShell".
Are these the correct parameters and I just need to sort out permission some how or am I way off?
Update
The correct resource is https://marketing-infra.dynamics.com/ which is one of the service principal names listed as is the previous one I used Microsoft.DynamicsMarketing. This works with the clientId and redirectUri that I captured from Fiddler from Power Query. I am pretty certain that to get it working with my clientId I need to give Dynamics Marketing permissions in the Azure Application Registration, "permissions to other applications". The problem is Dynamics Marketing is not an application that is available to add and the Dynamics CRM delegate permissions does not have a role for Dynamics Marketing.
I got the answer from Microsoft that clients other then Power Query are not supported. So the code I have above is correct and there is not yet support for adding permission to access it with other applications.