cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
D365Ideas_Admin

Ability to disable and delete application users

Submitted by on ‎02-04-2019 08:02 AM
Author Name: Alan Mervitz

Application Users, which are used for server to server authentication in Dynamics 365 online, have been designed without foresight into the full lifetime of how they will be used.

As it stands, the only way of preventing access yourself is to delete the app registration within Azure AD. This is insufficient because the CRM system administrator may not have access to Azure AD. Even if the app registration gets deleted, you are then left with an enabled application user that doesn't actually work.

For anyone facing this scenario, support will disable the application user if you open a support request, but they won't delete them.

Status: New
See more ideas labeled with:
3 Comments (3 New)
Comments
D365Ideas_Admin
Regular Visitor
‎02-04-2019 08:02 AM
Status changed to: New
 
D365Ideas_Admin
Regular Visitor
‎02-04-2019 01:48 PM

Here is another deficiency of application users: once the app registration in Azure AD has been deleted, you will not be able to edit the CRM user anymore and will get an error if trying to do so. For example, if you try to remove a role that has been assigned to the CRM user, you will get the error "The user ID associated with the current record is not valid. If you contact support, please provide the technical details."

D365Ideas_Admin
Regular Visitor
‎02-04-2019 01:53 PM

Agreed. Serious oversight