Glean’s Microsoft Dynamics 365 Connector (Beta release) allows you to index and search key CRM records from your Dynamics 365 Sales module directly within Glean. This enables you to unify CRM data with your company’s broader knowledge ecosystem, improving sales workflow efficiency and discovery.

Supported Features and Limitations

This section describes the connector’s capabilities and any important product boundaries.

Supported Objects/Entities

You can index and search the following entities from Dynamics 365 Sales:
  • Accounts
  • Contacts
  • Leads
  • Opportunities
  • Activities (including emails, meetings, and attachments)

Supported API Endpoints/Features

  • Microsoft Graph API (Application permissions: User.Read.All, Directory.Read.All)
  • Dynamics CRM API (Delegated permission: user_impersonation)
  • Incremental and full crawls for timely coverage of CRM records.
  • Query assistant: Allows users to chat and request insights such as customer sentiment and conversation summaries on Dynamics 365 data.

Limitations

  • Only the Dynamics 365 Sales module is supported.
  • Dynamics 365 modules like Cases, Projects, custom fields, customer service and ERP are not supported.
  • Access is limited to items with role-based Security Role permissions; sharing-based and hierarchy-based ACLs are not supported.
  • Only one Dynamics 365 organization (tenant) can be connected per Glean data source instance (DSI).
  • Glean does not write or modify any data in Dynamics 365 during operation.

Crawling Strategy

Crawl typeFull CrawlIncremental CrawlPeople DataActivityUpdate RateWebhookNotes
Dynamics 365 CRMYesYesNoNoTimelyN/AOnly Sales module, one org per DSI

Requirements

The following requirements must be met to use the Dynamics 365 Connector.

Technical Requirements

  • Microsoft Dynamics 365 Sales module must be licensed and accessible within your organization.
  • An O365 data source (OneDrive or SharePoint) set up in Glean and linked to the same Azure tenant as Dynamics 365.
  • Azure Portal access for registering and managing applications.

Credential Requirements

  • You must generate and provide:
    • Application (Client) ID
    • Directory (Tenant) ID
    • Client Secret
    • Dynamics 365 Organization ID
These credentials are configured and obtained during the Azure Portal setup. Only admin-level users (Global, Application, or Cloud Application Admin) must complete this process.

Permission Requirements

  • Microsoft 365 and Azure admin privileges are required for setup and granting consent.
  • The new Azure Application must have:
    • Microsoft Graph (Application): User.Read.All, Directory.Read.All
    • Dynamics CRM (Delegated): user_impersonation
  • You must assign a Dynamics 365 Security Role to the Application User (recommended: System Administrator, or a custom org-level read-only role with appropriate table access).
  • Admin consent must be granted on the app in Azure Enterprise Applications.

Preliminary Source/System Setup

  • Register Glean application in Azure (App registrations).
  • Set up O365 data source in Glean.
  • Assign permissions and grant consent.
  • Create Application User in Dynamics 365 and assign appropriate Security Role.

Configuration and Setup Instructions

This section guides you through initial connector setup and ongoing configuration.

Prerequisites

Before starting, ensure you:
  • Have Glean established as an app in your Azure Tenant.
  • Have an O365 (OneDrive or SharePoint) source already set up in Glean from the same Azure tenant as your Dynamics 365 instance.

Authentication and Credentials

  • Register a new Azure app, name it Glean and select Accounts in this organization only (Single tenant).
  • Add required Microsoft Graph and Dynamics CRM permissions.
  • Grant Admin Consent for all API permissions.
  • Generate a new Client Secret and copy its value. Ensure to store it securely.
  • Obtain your Dynamics 365 Organization ID from the Dynamics 365 instance URL.
  • In the Dynamics 365 Power Platform Admin Center, create a new Application User using the app registration information and Organization ID.
  • Assign Security Roles as appropriate; System Administrator gives the broadest access.

Step-by-Step Setup

Required permissions for setup

  • The user setting up this data source must be the Global Admin.

1. O365 Data Source Association

  1. Ensure some O365 Data source (e.g. OneDrive/Sharepoint) with Dynamics 365’s Azure tenant id is already setup.

2. Register a new app

  1. Sign into the Azure portal. Select Microsoft Entra ID, then Manage > App registrations > New registration.
  2. On the Register an application page, register an app with the following:
FieldValue
NameGlean
Supported account typesAccounts in this organizational directory only (Single tenant)
Redirect URI(Leave this field blank)
  1. Click Register.
Register application

3. Configure permissions

  1. On the left side navigation on the overview page, click on Manage > API Permissions.
  2. Click Add a permission and select Microsoft Graph. Select Application permissions and add the following:
  • User.Read.All
  • Directory.Read.All
  1. Click Add a permission and select Dynamics CRM. Select Delegated permissions and add the following:
  • user_impersonation
  1. Ensure you are signed into Azure as a Global, Application or Cloud Application administrator.
  2. Use the search box to navigate to Enterprise applications. Select the Glean app you created from the list of applications.
  3. Click Permissions under Security. Review the permissions shown, and then click Grant admin consent.
Grant admin consent By this step, you must have the following permissions provisioned on the API Permissions page. Dynamics 365 API permissions

5. Generate secret

  1. Navigate to Microsoft Entra ID > Manage > App registrations and click on the app you created earlier.
  2. Click Manage > Certificates & secrets in the left sidebar.
  3. Click on New client secret. Enter a description and select 24 months for expiry time, then click Add.
  4. Under Client secrets, copy the Value (not the Secret ID) you generated and enter it in Glean as the Client secret. The Value is shown only once.
Azure generate secret

6. Get Dynamics 365 Organization ID

  1. Check the URL bar in your browser. The Dynamics 365 Organization ID is part of the domain name. For example if you see: https://org810c0cef.crm.dynamics.com/ in the URL bar, your Organization ID is org810c0cef.

7. Add Application User in Dynamics 365

  1. Sign into the Power platform admin center.
  2. Select the Dynamics 365 Environment you want to connect to Glean.
  3. On the Dynamics 365 Environment page, navigate to Settings > User + permissions > Application users to add a new application user.
Dynamics 365 environment settings
  1. In the Application users page, click + New app user to open Create a new app user dialog.
  2. Enter the previously created app name, Dynamics 365 Organization ID and Role name which provides read access to the Dynamics 365 data and click Create.
Dynamics 365 new application

8. Fill out keys

  1. Scroll to the top of the left sidebar and click Setup.
  2. Copy the Application (client) ID & Directory (tenant) ID and enter it in the Glean self serve page.
  3. Enter the Dynamics 365 Organization ID in the designated field.
  4. Click Save. If the credentials save, you’re all set!

Crawl Configuration Options

  • You can configure crawl type (full or incremental), lookback periods, and inclusion/exclusion of specific objects through Glean’s interface.
  • Redlist/greenlist: Limit surface area by object type or field as preferred.
  • Lookback period: Set retention for historical records during initial crawls.
  • For custom object support, you can submit feature requests to Glean.

Permissions & Security

Data and Metadata Ingested

  • Data: Accounts, Contacts, Opportunities, Leads, Activities (email, meetings, attachments), metadata (timestamps, owners, etc.)
  • Identity mappings support access control mirroring Dynamics 365’s security roles and business units.

Permission Propagation Logic

  • Permissions from Dynamics 365 are respected: Users see only records they can access within the source system.
  • Sharing-based and hierarchy ACLs are not supported; only Security Role-based access is enforced for the indexed objects.

Security & Compliance Notes

  • Authentication uses OAuth2 against Azure AD.
  • Glean does not modify or create data in your Dynamics 365 environment.
  • Supported for one Dynamics 365 organization per Glean data source instance.

Known Security Restrictions

  • All crawling is limited to the Sales module. Other modules, projects, or case data are excluded.

Data Privacy Implications

  • Indexed CRM data may include personally identifiable information (PII) as present in source records.
  • Role-based access protects sensitive records from unauthorized views in Glean.
  • No external data sharing or writing occurs during crawl.