A Fenwick Gold Account links your subscription licenses to your system.

If you’re using a Microsoft-hosted SaaS version of Business Central, please see Creating your Fenwick Gold Account.

The Service Tier needs to be configured to connect to your Azure AD Tenant. If you already use Office 365 Authentication you don’t need to re-do this step.

You will need to have an Azure AD tenant active for your organization first.

This section is a shortened version of the Single Sign-On guide by Microsoft. You may wish to reference this guide for more information about specific values.

You can get your Directory (tenant) ID from the Azure AD Properties page for your tenant.

  1. Open the Business Central Administration tool
  2. Select your instance from the left hand side
  3. Under the Azure Active Directory (Azure AD) section, update the WS-Federation Login Endpoint to the following value (replacing [AADTENANTID] with your Directory (tenant) ID):
    https://login.microsoftonline.com/[AADTENANTID]/wsfed
    Or, you can directly add/update the value in the CustomSettings.config:
    <add key="WSFederationLoginEndpoint" value="https://login.microsoftonline.com/[AADTENANTID]/wsfed" />
  4. Save the file and restart the service tier.

For multi-tenant deployments, the Tenant ID is set as part of the tenant mounting procedure.

Step 2. Starting the create account wizard

The steps in this guide work along with the Create Account wizard within Dynamics 365 Business Central. Throughout the guide you’ll need to copy and paste some values back into the wizard.

You can access this Assisted Setup, or by clicking Create Account on the Fenwick Gold Subscriptions page.

Step 3. Creating the App Registration

An App Registration will need to be setup on your Azure AD tenant to allow Fenwick Gold Account to securely communicate with our billing service.

These steps are based off the detailed Microsoft guide to help you set up a new App Registrations on your Azure AD Tenant.

  • Create only one App Registration for both LIVE and TEST environments.
  • You can use an existing app registration if it has already been setup for your Business Central app (skip to step 4). Don’t create another app registration.

Fenwick or your IT may complete these steps for you using a CSP/delegated admin account.

  1. Open your Azure Management Portal as an administrator.
  2. Click on New Registration in the App Registrations page.
  3. Provide a Name (i.e. Business Central Fenwick Gold Account) for the app registration and click on Register.
  4. Copy the Application (client) ID value and paste it in the Gold Account wizard.


Step 4. Create a Client Secret for the App Registration

A client secret allows Fenwick Gold to securely communicate with the Gold Account application installed on your Business Central.

  1. Select Certificates & Secrets for the app registration and click on New Client Secret.
  2. Provide a Description for the secret and click on Add. We recommend noting down the secret expiry date in your calendar so you can renew it when required.
  3. Copy the value using the copy button and paste it in the Gold Account wizard Client Secret field. Then click Next to proceed.


  4. Click Next.

Step 5. Configure the App registration with the correct API permissions

API permissions are required to authenticate communications between Business Central and your Azure Active Directory.

  1. Select API Permissions for the registered app and then click on Add a Permission.
  2. In the section APIs my Organization uses, locate Fenwick Gold Account.


    If you can’t see Fenwick Gold Account:
    • Double check you’re searching for “Fenwick” and not just “Gold”.
    • Make sure you have completed the Gold Account registration wizard while logged in to your companies Entra ID directory, otherwise the App will be in the wrong tenancy. Delegated admins will not work.
  3. Select All permissions and click on Add permissions
  4. Select the API/Permission Name and grant it Admin Consent.
  5. Click Next in the Gold Account wizard.