Company logoHelp Center
Visit www.threatlocker.com

Dynamics 365 Integration for Ticketing

11 min. readlast update: 04.29.2026

Please Note: This feature is currently only available by reaching out to the Cyber Hero team and requesting it.

The Dynamics integration allows ThreatLocker to create cases in Dynamics 365 when requests are received, enabling streamlined tracking and response. It can also automatically associate each case with the appropriate asset, ensuring accurate context and improved visibility for support teams.

To begin setting up the Dynamics 365 Integration in the ThreatLocker portal, you will need to retrieve the following information from the Microsoft Entra admin center:

  • Tenant ID
  • Client ID
  • Client Secret

You will also need to retrieve the following from the Power Platform admin center:

  • Organization URL

Retrieving the Tenant ID

Log in to the Microsoft Entra admin center.

Navigate to 'Overview' on the left-hand side of the page. Then, collect the Tenant ID from the 'Tenant ID' line in the Overview.

Retrieving the Client ID and Client Secret

From the Microsoft Entra admin center, navigate to 'App registrations' found on the left-hand side of the page.

From this page, you can either select the existing 'App Registration' or create a new one.

Using an Existing Application

Using the provided search bar, search for and select the App Registration you wish to use for this integration. Once selected, a page will open for the selected App Registration. From here, select 'Overview', then navigate to the field labeled 'Application (client) ID'. This is the GUID you need to enter in the 'Client ID' textbox in ThreatLocker.

Then, under 'Manage' in the left-hand menu, select 'Certificates & Secrets'. From this page, select the button labeled '+ New client secret'.

Selecting this button will open the 'Add a client secret' sidebar. From here, enter a description in the 'Description' field if desired, then set an expiration date for the secret. Microsoft will, by default, recommend 180 days (6 months).

Select the 'Add' button at the bottom of the sidebar when you have entered your desired information.

You will now see the newly created Value and Secret ID.

Copy the 'Value' to insert into the Client Secret textbox in ThreatLocker.  

Important: This 'Value' will only be visible immediately after creation. Once you leave this tab, the Value will be hidden on subsequent visits.

Creating a New App Registration

From the 'App registrations' page, select the '+ New registration' button.

Selecting this option will open a new page titled 'Register an application'. From here, enter your application's name and select the 'Register' button at the bottom of the page.

Once created, you will be brought to the new registration's page. The Application (client) ID is the GUID you need to enter in the Client ID textbox in ThreatLocker.

Then, under 'Manage' in the left-hand menu, select 'Certificates & Secrets'. From this page, select the button labeled '+ New client secret'.

Selecting this button will open the 'Add a client secret' sidebar. From here, enter a description in the 'Description' field if desired, then set an expiration date for the secret. Microsoft will, by default, recommend 180 days (6 months).

Select the 'Add' button at the bottom of the sidebar when you have entered your desired information.

You will now see the newly created Value and Secret ID.

Copy the 'Value' to insert into the Client Secret textbox in ThreatLocker.  

Important: This 'Value' will only be visible immediately after creation. Once you leave this tab, the Value will be hidden on subsequent visits.

Granting API Permissions

Next, you must grant API permissions for Microsoft Graph, Dynamics CRM, and the app registration that you have been using for this integration.

Still in the 'App registrations' page and within the 'Registration', under 'Manage', select 'API permissions'. On this page, select the '+ Add Permission' button to open the 'Request API permissions' sidebar.

On this page, select 'Microsoft Graph'.

Select Delegated permissions.

From here, navigate to 'User' permissions and select the checkbox to the left of User.Read. Once done, select the 'Add permissions' button at the bottom of the sidebar.

After this permission has been added, select the '+ Add a permission' button again to add a new permission. From here, select 'Dynamics CRM'.

The 'Delegated permissions' option will be pre-selected for Dynamics CRM.

Next, in the permissions section, search for and add permissions for mcp.tools - Access Dataverse MCP tools as organization users, and user_impersonation - Access Common Data Service as organization users. Select the checkboxes to the left of each of these permissions.

Lastly, select the 'Add permissions' button at the bottom of the sidebar.

Now, permissions must be given to the 'Application registration' you have just created. Before permissions can be applied to this registration, you must first expose an API. To do this, navigate to the 'Expose an API' module found on the left side of the page.

From this page, select the '+ Add a scope' button, which will open the 'Add a scope' sidebar.

The following information will be added:

  • Scope Name - "user_impersonation"
  • Who can consent - Change to 'Admins and users'
  • Admin consent display name - "Access"
  • Admin consent description - Provide a short description of your Admin Consent.

'User consent display name' and 'User consent description' are not required to add this scope.

Once all information has been entered and the state is 'Enabled', select the 'Add scope' button at the bottom of the sidebar.

Now, navigate back to the 'API permissions' module and select the '+ Add a permission' button once more.

From the sidebar, select the 'APIs my organization uses' tab.  

Search for and select the app registration that you created.

Based on the permissions that you chose, the 'Delegated permissions' option will be pre-selected. You can then select the checkbox next to the 'user_impersonation' permission and select the 'Add permissions' button at the bottom of the page when done.

After all APIs have been given the proper permissions, select the 'Grant admin consent for (Organization)' button, then select 'Yes' when prompted.

Once selected, the 'Status' column will populate with green check marks, indicating that admin consent has been granted for your tenant.

The selected or created app registration will also need to be given appropriate user permissions from the Power Platform admin center. 

Retrieving the Organization URL

Navigate to your Power Platform admin center. Using the left side of the page, select 'Manage', then 'Environments'.

From the 'Environments' page, select the Environment you will be using for the integration and, in the 'Details' section of that Environment's page, copy the 'Environment URL'.

Granting User Permissions to the Selected App Registration

Still on the 'Environments' page, select the 'Settings' button at the top that matches the Environment you will be using for your integration.

In the 'Settings' page, select the 'Users + permissions' dropdown and choose the 'Security Roles' option from the list.

You must ensure that you have a Security Role that contains the following permissions:

Important: A custom role using the '+ New Role' button on this page can be created to ensure the minimum permissions required are applied.

Core Records

  • Account 
    • Read - Organization
    • Append to - Organization
  • Contact
    • Read - Organization
    • Append to - Organization
  • Sharepoint Document
    • Read - Organization

Custom Tables

  • Customer Asset
    • Read -  Organization
    • Append to - Organization
  • Entity
    • Read - Organization

Customization

  • Attribute
    • Read - Organization
  • Entity
    • Read - Organization
  • OptionSet
    • Read - Organization

Service

  • Case
    • Create - Organization
    • Read - Organization
    • Write - Organization
    • Append - Organization

Once your Security Role has been created, navigate back to the 'Settings' page and select the 'Users + permissions' dropdown. From here, choose 'Application users'.

If you have not added the 'App registration' from earlier as an 'App User' in your Power Platform admin center, select the '+ New app user' button at the top of the page. Otherwise, you can select the application from the available list. Selecting the '+ New app user' button will open the 'Create a new app user' sidebar.

From the sidebar, add the app registration from earlier, then select your business unit.

In the 'Security Roles' section, select the 'pencil' icon and select the Security Role or Roles that were created that allow the specified permissions from earlier.

Once your Security Role or Roles have been chosen, select the 'Create' button at the bottom of the sidebar to apply the selected Role to the App Registration.

Initial Dynamics 365 Integration Setup in ThreatLocker

Start by logging into your ThreatLocker Portal. Using the left side of the page, hover over the 'Manage' icon and select 'Integrations' from the menu.

From here, use the search bar at the top of the page to search for 'Dynamics', then select the 'Dynamics 365' integration from the dropdown.

Selecting this will open the 'Add Dynamics 365 Integration' sidebar.

  1. Organization URL - This is the 'Environment URL' from the Power Platform admin center.
  2. Tenant Id - This is the 'Tenant Id' found in your Microsoft Entra admin center.
  3. Client Id - This is the 'Application (client) ID' associated with the 'App registration' you created above.
  4. Client Secret - This is the Client Secret (Secret ID) associated with the 'App registration' you created above.
  5. Select the 'Add' button once you have filled out all fields.

If all entered information is correct, the sidebar will close, and you will receive a green confirmation message.

Re-open the sidebar by selecting the 'Dynamics 365' Configured Integration. Two additional tabs will now be available to finish customizing the integration, along with an API History tab, where api communication can be viewed.

Mapping Tab

The 'Mapping' tab is used to map Dynamics 365 items to ThreatLocker items.

Account Mapping

In the Account Mapping section, Dynamics accounts can be mapped to ThreatLocker Organizations. When ThreatLocker Requests come in for a selected ThreatLocker Organization, a corresponding incident will be created in the mapped Dynamics 365 account.

  1. Dynamics 365 Account - Enter the name of a Dynamics 365 account to select it.
  2. ThreatLocker Organization - Select the ThreatLocker Organization that the selected Dynamics 365 account should be mapped to.
  3. Press the '+' button to add mapping.

Repeat these steps until all desired Dynamics 365 accounts are mapped to ThreatLocker Organizations.

Custom Mapping

Here, custom fields from the Cases table can be mapped to ThreatLocker fields. This will tell the integration to insert data from the ThreatLocker field into the mapped custom field in Dynamics.

  1. Dynamics 365 Field - Select the name of the Dynamics 365 custom field.
  2. ThreatLocker Field - Select the corresponding ThreatLocker Field.
  3. Press the '+' button to add your mapping.

Repeat these steps until all desired Dynamics 365 fields are mapped to ThreatLocker fields.

Asset Mapping

Toggle on 'Enable Auto  Asset Mapping' to allow the system to automatically link requests to the correct asset in Dynamics.

In the Asset Table Hostname Field dropdown, select the field in the Asset table that contains the identifier (e.g., name).

In the Incident Table Hostname Field, select the field in the Incident (Case) record that corresponds to the Hostname (e.g., assetlookup).

Press the 'Save' button at the bottom of the sidebar to save all of these mappings.

Ticket Settings Tab

The ticket settings tab lets you configure ticket settings for tickets created in Dynamics 365 when a ThreatLocker request is made. To configure this, select the 'Ticket Settings' tab at the top of the sidebar.

Ticket Settings

In the 'Ticket Type' dropdown, select the type of ticket that will be created in Dynamics when a ThreatLocker request is made.

In the 'Priority' dropdown, select the priority that tickets that are created in Dynamics 365 will have.

Toggle on 'Auto Escalate' to allow the Dynamics ticket to be updated when a ThreatLocker request is escalated.

Toggle on 'Auto Close' to automatically close the ticket in Dynamics when the request is actioned in ThreatLocker.

Ticket Branding

In the Ticket Branding section, a custom ticket title can be created and applied to all tickets created by the integration.

Use %REQUESTTYPE% to add the request type to the title of the ticket (e.g., Application, Elevation, Storage, Web).

Press the 'Save' button at the bottom of the sidebar to save the configured Ticket Settings.

Once configured, when an end user sends up a ThreatLocker Request, a ticket will be created in Dynamics 365.

Was this article helpful?