Contracts Suite with Azure Key Vault on Microsoft Dynamics - Installation and Configuration Guide

  • Published on Dec 23, 2025
  • 4 minute(s) read
  • PH
  • Migration Team
 Prev Next

Overview

This document outlines the standardized approach for creating Secrets in Azure Key Vault using pre-defined Product Configuration records. Each configuration corresponds to a specific product/feature set up and uses a consistent JSON template to ensure secure and uniform integration with external systems. TechnoMile maintains a set of Product Configuration records in the system. These records define parameters required for secure communication with external services.

TechnoMile’s Contracts Suite solution helps Government Contractors manage the entire Contract Lifecycle initiating from pre-award to post-award through a user-friendly set up and administration tasks. The Contracts Suite solution is built on a highly flexible and scalable Microsoft Dynamics platform where users can easily configure and manage Contract and Subcontract processes.

This guide will take you through the installation and configuration steps for the Contracts Suite app with Azure Key Vault enabled.

Audience

  • Microsoft Dynamics Administrators

  • IT Support

Prerequisites

  • Ensure that TechnoMile's Contracts Suite is already installed and configured. The version of this package must be 2025.3 or higher.

  • Retrieve Azure/Entra application details such as Client ID, Client Secret, and Tenant ID.

  • Retrieve name of Azure Key Vault.

Recommendation

  • It is advisable to maintain separate Azure Key Vaults for each instance in order to segregate configurations for different environments (for example, Development, UAT, or Production).

Installation

It is recommended to install all packages in a Sandbox/Test environment for testing, prior to their installation in your Production environment.

Please contact TechnoMile Support or email support@technomile.com for separate installation packages for your Sandbox/Test environment.

Import TechnoMile GRC Suite Solution with Azure Key Vault

IMPORTANT

Check all Power Automate Flows to ensure that they are turned ON. If a Power Automate Flow is not ON, select Edit for the flow, create its Connections, and turn it ON.

mceclip5.png

  1. Login to your Microsoft Dynamics instance.

  2. Go to https://make.powerapps.com/

  3. Go to Solutions and click Import solution.

  4. Click Browse and select the TechnoMile GRC Suite installation package that you had received from TechnoMile, which is saved on your system and click Next.

  5. Click Next.

  6. Click the ellipsis (three dots) icon against a red invalid connection, if any.

  7. Click Add new connection.

  8. Select Service Principal authentication, enter Client ID, Client secret,Tenant ID, and Key vault name, and click Create.


    A valid connection is added in green color.

  9. Similarly, perform the same steps for all other invalid connections visible on this window.

  10. Click Next.

  11. Click Import.
    The following message is displayed Solution “TechnoMile GRC Suite” imported successfully, and the installed TechnoMile GRC Suite package is displayed on the Managed tab of the Solutions page.

Configuration

Product Configurations

  1. Click the gear icon and select Advanced settings.

  2. Click the funnel icon to access Advanced Find.

  3. Select Product Configurations and click Results.
    A list of Product Configurations displays.

  4. Open Key Vault Enabled.

  5. Ensure that Value is set to true and click Save.

  6. Similarly, open Azure Application Credentials.

    IMPORTANT

    Note that this configuration is instance-specific and must be confirmed by the client prior to set up. It must also be verified in the Azure portal prior to proceeding.

  7. Ensure that Contains Secret is set to Yes.

  8. Verify that the JSON Value field is blank and click Save.

  9. Similarly, open Clause Library API.

  10. Ensure that Contains Secret is set to Yes.

  11. Verify that the JSON Value field is blank and click Save.

  12. Similarly, open Transform Copilot Widget.

  13. Ensure that Contains Secret is set to Yes.

  14. Verify that the JSON Value field is blank and click Save.

  15. Similarly, open Wage Determination.

  16. Ensure that Contains Secret is set to Yes.

  17. Verify that the JSON Value field is blank and click Save.

Key Vault Configurations

IMPORTANT

Prior to adding Secrets into your Key Vault, ensure that the Product Configurations mentioned in the previous topic are verified by TechnoMile, as these are typically both client and instance specific.

  1. Go to https://portal.azure.com/

  2. Search for and click Key vaults.

  3. Open Key Vault Power Auto Test.

    NOTE

    Currently, Secrets are added to the Key Vault named Key Vault Power Auto Test. Note that the name of the Key Vault may vary across instances or clients. However, ensure that the Secret names are maintained exactly as listed below:

    • AzureApplicationCredentials

    • ClauseLibraryAPI

    • TransformCopilotWidget

    • WageDetermination

  1. Expand Objects, click Secrets, and verify that the Secrets are present.

    IMPORTANT

    Ensure that all the above Secrets are created and their Status is set to Enabled.
    If any of these Secrets are missing (for example, AzureApplicationCredentials), create them using the same naming convention as listed above.

  2. Open AzureApplicationCredentials.

  3. Open Current Version.

  4. Scroll down and click Show Secret Value.

  5. Paste the following syntax into the Secret value field, if this field is blank or its data is changed.

    NOTE

    For GCCH users, MS Token Base URL will be login.microsoftonline.us.

    { "Azure_TenantId": "*********************",
"Azure_ClientSecret": "****************",
"Azure_ClientId": "******************",
"MS_TokenBaseURL": "login.microsoftonline.com" }

  6. Open ClauseLibraryAPI.

  7. Open Current Version.

  8. Scroll down and click Show Secret Value.

  9. Paste the following syntax into the Secret value field, if this field is blank or its data is changed.

    { "username": "********",
"password": "*********",
"base_url": "*******",
"token_url": "/oauth/token",
"clause_type_url": "/clauselib/v1/clauses" }

  10. Open TransformCopilotWidget.

  11. Open Current Version.

  12. Scroll down and click Show Secret Value.

  13. Paste the following syntax into the Secret value field, if this field is blank or its data is changed.

    { "BaseURL": "*******",
"Api_ClientId": "********",
"Api_ClientSecret": "********",
"Widget_InstanceName": "*******",
"Widget_ClientId": "********",
"Widget_ClientEmail": "**********************",
"Widget_ClientSecret": "***************",
"Widget_TokenUrl": "/o/oauth2/token",
"Register_Token": "/o/provisioning/register-token",
"widget_Url": "/web/guest/mediator?widget=true&consumer=ms&timestamp=","MS_TokenBaseURL": "login.microsoftonline.com" }

  14. Open WageDetermination.

  15. Open Current Version.

  16. Scroll down and click Show Secret Value.

  17. Paste the following syntax into the Secret value field, if this field is blank or its data is changed.

    { "client_id": "***************",
"client_secret": "*********",
"baseUrl": "***************",
"searchUrl": "/wdol/v1/search",
"tokenUrl": "/oauth2/token",
"stateUrl": "/census/us/states",
"countyUrl": "/counties" }