Home > Blog > Prepare for Deprecated Service-Based Authentication Methods in Dynamics 365 Supply Chain Management

Prepare for Deprecated Service-Based Authentication Methods in Dynamics 365 Supply Chain Management

If your business is currently using Support for service-based authentication methods in Dynamics 365 Supply Chain Management (certificate and shared secret), you should prepare for its deprecation soon.

If you use this method, you might have received a warning that says "This device uses an authentication method that will soon be discontinued. Your organization should prepare to move to device code flow authentication before then."

Microsoft says this method is being removed in the Dynamics 365 Supply Chain Management 10.0.37 release, and that businesses should prepare for its end on July 2024. It will be replaced by user-based authentication (device code flow), and Microsoft recommends administrators update all devices to user-based authentication before the end date in July.

Microsoft published an FAQ list on user-based authentication which you can find here. It is based on a Yammer thread by Microsoft Senior Software Engineer Pavlo Datsuik. Note you can only view this link if you have Yammer, but if you don't want you want to view it anyway you can register when you click on the link.

Here is a summary of that FAQ:

1. What date does this change take effect? - The date this will come into play is July 15, 2024
2. Where can I find more information? - You can find more details on Microsoft's website or by contacting Stoneridge Software.
3. Why is this changing? - Security and user authentication are more robust and are now very configurable in Azure Entra.
4. How do I change our authentication method? Official docs and unofficial(community) docs with screenshots or even with more images.
5. Will it affect Dynamics 365 Finance and Operations, Microsoft Azure, and the Warehouse Management App (WMA)? It will only apply to the mobile app, which will no longer support this type of authentication. Finance and Operations and Microsoft Azure will not be affected.
6. When does the popup warning occur? - Only when the user changes/adds a connection with the client secret and certificate type.
7. How do I get rid of the popup? - Delete all client secret and certificate connections.
8. Will my team members see the popup? - If they do not edit connections they shouldn't see it.
9. What version is this affecting? - WMA v3.0+ won’t have support for client secret and certificate auth types anymore.
10. If I use the outdated version of WMA (let’s say 2.1.17) it will stop working - No, the app will work as long as you have this version.
11. How does this affect me? - If you use auto-update from Google Play/App Stores, you will get a new version, and everything will stop working.
12. What if I forget to change it? - You won’t. Microsoft plans to add additional non-blocking warnings in new releases. You can also contact Stoneridge Software now and we can help you.
13. How many Azure app registrations do I need? - With this update, you need to create only one app registration, It is user-based authentication, so you can manage your users now.
14. What is the device code? - It's a convenient approach to user login on a big screen like a desktop or TV. It might look like it is device-specific, but it is not.
15. I prefer to enter my username and password. Can I do that? Microsoft says this is a work in progress that is going to be available soon.
16. How many Entra users do I need? – Microsoft suggests having a user for each device, it provides flexibility to block the user in case a device is stolen or damaged.
17. Can I use only 1 Entra user for all my devices? – Yes, but it depends on your licensing and tolerance to the risk.
18. How frequently will the WMA log me in again? - This depends on your Entra policy, but by default, it renews for a new 90 days after each login. If you don't log in for at least 91 days, you will see the login screen again.
19. Can I increase it by more than 90 days in the Entra settings? - No. (FYI: Please read the previous question carefully)
20. What will happen to the current worker login screen? - Nothing. It’s in place.
21. Do I need to log in with DeviceCode and then with worker ID? - Yes.
22. Can we use the Entra user to log in as a worker and skip the worker login screen? - This is a work in progress, in the following FnO and WMA releases, we will introduce the DefaultUser checkbox to map between the Entra user and the worker id then it will be available.
23. How do I log out of my current Entra user account on the device? - You need to click the "Edit connection settings" button on the "Select a connection" screen, then the "Sign out" button.
24. What about mass deployment? – This is also in progress Mass deploy the mobile app for user-based authentication
25. What mobile device management solutions will be supported? – At the very least, Microsoft Intune. Possibly more.
26. What about the SOTI integration? – Microsoft will look closely at this after Intune is done.
27. What about Single Sign-On? Can I use the WMA alongside MS Teams/Outlook/Word to chat with my workers – work in progress, yes, you will.
28. In the Single Sign-On scenario, what would happen if I signed out from Outlook? - WMA will sign out as well.

Want to learn more? Get in touch with us!

Stoneridge Software can help you get ahead of this by assisting you in setting up user-based authentication on your devices. Please reach out to us if you have any questions.

Under the terms of this license, you are authorized to share and redistribute the content across various mediums, subject to adherence to the specified conditions: you must provide proper attribution to Stoneridge as the original creator in a manner that does not imply their endorsement of your use, the material is to be utilized solely for non-commercial purposes, and alterations, modifications, or derivative works based on the original material are strictly prohibited.

Responsibility rests with the licensee to ensure that their use of the material does not violate any other rights.