Microsoft Dynamics 365 · OAuth Scopes

Microsoft Dynamics 365 OAuth Scopes

OAuth 2.0 derived

Microsoft Dynamics 365 publishes 1 OAuth 2.0 scope via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Microsoft Dynamics 365 API on a user’s behalf.

Tokens are issued from https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Business ApplicationsCloudCRMEnterpriseERPMicrosoft
Scopes: 1 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize
Token URL
https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
Flows
authorizationCode

Scopes (1)

ScopeDescriptionFlows
https://{org}.api.crm.dynamics.com/.default Full access to Dataverse Web API. authorizationCode

Source

OAuth Scopes

microsoft-dynamics-365-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/microsoft-dynamics-365-dataverse-web-api-openapi.yml
schemes:
- name: oauth2
  source: openapi/microsoft-dynamics-365-dataverse-web-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize
    tokenUrl: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
  description: OAuth 2.0 authentication using Microsoft Entra ID (Azure Active Directory). Applications
    must be registered in Microsoft Entra ID and granted the appropriate Dynamics 365 permissions.
scopes:
- scope: https://{org}.api.crm.dynamics.com/.default
  description: Full access to Dataverse Web API.
  flows:
  - authorizationCode
  sources:
  - openapi/microsoft-dynamics-365-dataverse-web-api-openapi.yml