Microsoft has recently launched its new Schedule APIs for Dynamics 365 Project Operations, which let customers work with project-related entities from outside the core system. If you have ever worked on a project that required you to use said Schedule APIs, however, you may have come across a very specific problem:
Custom logic outside of the CRM requires application-user credentials to bypass the multifactor authentication (MFA) process associated with regular credentials. But at the same time, the application user cannot be assigned a Microsoft Project license. As a result, you are not able to consume Schedule APIs in custom logic hosted outside on CRM.
The Schedule APIs are out of reach now – unless you choose a system user with the required Microsoft Projects license to impersonate an application user (or similar). And luckily, the solution Proxy for Project Operations Schedule API from the developers at proMX lets you do just that.
You will find a link to our free and ready-to-use proxy at the end of the article.
A brief history of Project Operations Schedule APIs
Let us go all the way back to when Microsoft’s project management solution Dynamics 365 Project Operations was released: It used to restrict the ability of developers to edit of projects, tasks, task dependencies, resource assignments, team members and project buckets within the CRM by leveraging its out-of-the-box Create-Update-Delete (CUD) APIs.
Microsoft justified this by saying that updates to these entities had to be routed through the (external) scheduling engine, Project for the Web (P4W).
After receiving multiple customer requests though, Microsoft decided to provide custom APIs within the Dataverse (at the time called Common Data Service or CDS) as a way to perform CUD edits on the aforementioned entities.
Discovering a gap in functionality
Our developers at proMX had been working with Microsoft’s Schedule APIs during the early-access phase when they came across a functionality gap: application users and similar user types were not able to leverage these APIs outside of the CRM without a Microsoft Project license.
As there are business logics that reside outside of the CRM, for example Azure Functions or Console Apps, application users and the like need to authenticate with Microsoft’s server-to-server (S2S) authentication in order to gain access to the Schedule APIs. S2S is the recommended and common way apps use to access the Dataverse.
However, an integration scenario outside of the CRM that required S2S authentication to use Microsoft’s scheduling API and a Microsoft Project license assigned to an application-type user was impossible.
Proxy for Project Operations Schedule APIs available now
The solution to this gap in functionality is executing business logic on behalf of another user by impersonating them. To solve the specific problem of needing a Microsoft Project license assigned to an application user, you can impersonate any user with a valid Microsoft Projects license.
Find our free and ready-to-use solution “Proxy for Project Operations Schedule APIs” from our proMX developers to solve these authentication-related issue in a single file on GitHub.