OAuth Credentials and API Key Setup

These dialogs collect credentials that Smart Agents stores securely in IsolatedStorage (module scope).

Page type: StandardDialog (two dialogs, no source table) Objects:

Page 72778320 "SA OAuth Credentials QUA" — Page.72778320.SAOAuthCredentials.al

Page 72778341 "SA API Key Input QUA" — Page.72778341.SAAPIKeyInput.al

Note — merged page: This manual covers two credential dialogs. Set OAuth Credentials is used for cloud (AppSource) and dev/PTE installations that authenticate through an Entra app registration. Set On-Prem API Key is used for on-premises installations that authenticate with a simple API key.

These dialogs collect credentials that Smart Agents stores securely in IsolatedStorage (module scope). You fill in the fields and choose OK; the values are never written to a BC table and are not visible after the dialog closes.

In plain terms

These dialogs store the login credentials Smart Agents needs to reach its backend — the external service that runs the AI. There's no AI concept here; it's plumbing, and most cloud (AppSource) customers never touch it because Microsoft supplies the secrets automatically.

It's the same as entering the OAuth client ID/secret or service credentials on a setup card for any third-party integration (a payment provider, a shipping API). They're kept in secure storage, masked, and never shown in a table.

Which one you use depends on your install:

Set OAuth Credentials — for dev/PTE installs (or any case where the publisher Key Vault isn't auto-authenticated). You paste an Entra app registration's Client ID/Secret.
Set On-Prem API Key — for on-premises installs. You paste the API key from the Smart Agents admin dashboard.

If you're a standard AppSource (cloud) customer, you can usually ignore both — registration in Setup handles credentials for you.

How to open it

Both dialogs are opened from the Smart Agents Setup page via their respective setup actions. They are not available through Tell Me or direct navigation.

Set OAuth Credentials

Use this dialog in dev/PTE installs, or whenever the publisher Key Vault is not automatically authenticated by Microsoft. In production AppSource installs the secrets come from the publisher Key Vault automatically and you typically do not need to use this dialog.

Fields

Publisher OAuth2 Credentials

Field	Type	Description
Client ID	Text[250]	The Application (client) ID from your Entra app registration.
Client Secret	Text[250]	A client secret from your Entra app registration. Displayed as masked (password field).
Key Vault URL	Text[250]	Optional. Required only in dev/PTE installs where the Key Vault declared in app.json is not authenticated by Microsoft. When provided, Smart Agents uses these credentials to authenticate to this Key Vault and read all backend secrets (backend URL, identifier URI, S2S credentials). Example: `https://my-kv.vault.azure.net/`
Tenant ID	Text[100]	Optional. Specify the Azure AD (Entra) tenant ID to use for Key Vault authentication in dev/PTE scenarios. Leave blank to use the default BC tenant.

Field	Type	Description
API Key	Text[500]	The on-prem API key issued by your Smart Agents administrator. Displayed as masked (password field).

Notes

Both dialogs are StandardDialog pages: choose OK to save the entered values, or Cancel to discard them. No data is written to any BC table.
Credentials are stored in IsolatedStorage at module scope, meaning they persist across sessions but are isolated to this extension.
Client Secret and API Key fields use ExtendedDatatype = Masked — the value is hidden as you type and is not shown once saved.
In production AppSource installs the publisher Key Vault supplies all secrets automatically. You only need Set OAuth Credentials if the Key Vault is not authenticated by Microsoft (for example, in dev or PTE scenarios).
After saving an API key, you can verify connectivity from the Smart Agents Setup page.

OAuth Credentials and API Key Setup

On this page