The refresh token grant is used to replace expired access tokens with active ones by exchanging the refresh token at a token URI endpoint. The following credentials are required to connect using the refresh token grant.

Important: Once you obtain the credential information for your data source, you must store this information as a secret in AWS Secrets Manager. The secret allows you to connect using an OAuth 2.0 grant. When creating a connection, you must specify the name of the secret you created to store your data source credential information. See Storing your credentials in AWS Secrets Manager.
  • Service URL: base URL of the Dynamics 365 instance to which you want to issue requests. For example, https://mywebinstance.api.crm.dynamics.com/api/data/v9.1/.
  • Client ID: client ID key for your application.
  • Client secret: client secret for your application.
  • Token URI: token URI or endpoint used to exchange authentication credentials for access tokens. The value of the TokenURI property must begin with the POST command followed by the token URI or the endpoint used to exchange authentication credentials for access tokens. For example:

    TokenURI=POST https://login.microsoftonline.com/common/oauth2/v2.0/token

  • Refresh Token: refresh token used to request a new access token or renew an expired one.
    Note: You can use a third-party application such as Postman to obtain a refresh token. See Obtain refresh token using Postman for details.