Overview
D365 CRM Intelligence is an AI assistant for natural language querying of Dynamics 365 CRM data, built on Azure AI Foundry agents with retrieval-augmented generation (RAG) over Azure AI Search.
Instead of navigating CRM views and building advanced-find queries, users simply ask questions like "Show me open opportunities over $500k" or "Which accounts haven't had contact in 90 days?" — and receive grounded, cited answers drawn from live Dynamics 365 data, with citations linking back to the original CRM records.
Key aspects include:
- Azure AI Foundry agent (gpt-4.1) on the new versioned-agents surface (Responses API), orchestrated in .NET via the Microsoft Agent Framework — the successor to Semantic Kernel
- Hybrid retrieval (vector + keyword + semantic ranking) over Azure AI Search, connected to the agent as a built-in tool, with vectors from text-embedding-3-large
- Live Dataverse Web API access through agent function tools — exact revenue figures, pipeline totals, and recent activities straight from Dynamics 365
- Enterprise security by design: Microsoft Entra ID end-user authentication, per-user rate limiting, IP-restricted API ingress, and DefaultAzureCredential / Managed Identity throughout — no API keys
- ASP.NET Core 10 minimal API streaming agent responses to a Next.js 16 frontend via Server-Sent Events, including live citation events
- Full observability with OpenTelemetry and Application Insights, with agent traces visible in the Azure AI Foundry portal
- Infrastructure as Code with Terraform (multi-environment) and Azure DevOps CI/CD using workload identity federation
Architecture
High-Level Architecture
Next.js 16 Frontend (Chat UI)• App Service built-in auth (Entra ID, assigned users only)• Chat proxy forwards the user's bearer token││ HTTPS + SSE▼ASP.NET Core 10 Minimal API• Bearer token validation (Microsoft.Identity.Web)• Per-user rate limiting · IP-restricted ingress││ Managed Identity▼Azure AI Foundry Agent (gpt-4.1, versioned, Responses API)• Microsoft Agent Framework (.NET)├── Built-in tool → Azure AI Search (hybrid retrieval + semantic ranking)└── Function tools → Dataverse Web API (live CRM data)Background Indexing Service (IHostedService)• Dataverse delta sync → chunk → text-embedding-3-large → AI Search▲│ OData RESTDynamics 365 / DataverseAccounts · Contacts · Opportunities · Cases · Activities
The agent combines two data access paths: semantic retrieval over indexed CRM data for broad, fuzzy questions, and live Dataverse Web API calls for questions that need exact values, aggregations, or up-to-the-minute accuracy.
Agentic RAG
The solution goes beyond classic RAG by letting the agent decide how to answer each question:
- Azure AI Search as a built-in agent tool — hybrid (vector + keyword) retrieval with semantic ranking over CRM records embedded with
text-embedding-3-large - Dataverse function tools — typed .NET methods the agent calls for live data: account details, open opportunities with exact estimated values, pipeline totals, recent activities and cases
- Grounded citations — the agent cites the search documents it used; a citation resolver maps them back to deep links into the original Dynamics 365 records, rendered in the chat UI
- Incremental background indexing — an
IHostedServicepolls Dataverse on a configurable schedule (default: every 15 minutes) using a high-watermark, so only changed records are re-embedded and indexing cost stays proportional to CRM change volume
This hybrid approach delivers both semantic breadth and transactional accuracy — a pattern directly applicable to enterprise CRM, ERP, and knowledge-base scenarios.
Security Model
Security follows an enterprise-first, keyless design:
- Microsoft Entra ID end-user authentication: App Service built-in authentication on the frontend, restricted to explicitly assigned users; the chat proxy forwards the user's access token, and the API validates every bearer token with Microsoft.Identity.Web — it never trusts its network position
- DefaultAzureCredential / Managed Identity for all service-to-service communication (Azure AI Foundry, AI Search, Dataverse) — no API keys anywhere in the system; the same code runs locally via Azure CLI credentials
- Per-user fixed-window rate limiting on the chat endpoint to protect AI capacity and control costs
- IP-restricted API ingress — the API only accepts traffic from the frontend's outbound addresses, default-deny otherwise
- Secrets-free configuration: all settings are environment variables bound via
IOptions<T>; application code never reads a credential
Streaming & User Experience
- The ASP.NET Core 10 minimal API streams agent responses via Server-Sent Events with typed events: text deltas, citations as they surface, and a completion event
- The Next.js 16 frontend (TypeScript, Tailwind CSS, App Router) renders tokens as they arrive and displays resolved citations with links into Dynamics 365
- Multi-turn conversations are service-backed: the agent service owns the conversation state, and the client resumes it via a conversation identifier — no chat history stored in the browser
Observability
- OpenTelemetry instrumentation across the API, agent orchestration, and the indexing pipeline
- Application Insights for distributed traces, metrics (agent latency, indexing throughput, embedding latency), and smart-detection alerts on error-rate spikes and latency
- Agent traces visible directly in the Azure AI Foundry portal, including tool invocations and token usage
Infrastructure & CI/CD
- Terraform provisions all Azure resources — Foundry project, model deployments, AI Search, App Services, Entra ID app registrations, RBAC — across dev, staging, and production, with remote state in Azure Blob Storage
- Three Azure DevOps pipelines: CI (build, tests, lint, Terraform validation on every PR), infrastructure (
terraform planon PRs, approval-gatedapplypromoted dev → staging → production), and release (zip deploy of the API and the Next.js standalone build — no containers) - Workload identity federation throughout — short-lived OIDC tokens instead of stored credentials, with split pipeline identities: an infrastructure identity holding Entra directory rights, and a deploy-only identity that can do nothing but ship web apps
Built With
Scope
This project demonstrates how to build production-grade AI agents on the Microsoft stack:
- agentic RAG combining hybrid vector retrieval, live enterprise APIs, and grounded citations
- keyless, identity-based security from the browser all the way to the AI service
- streaming agent UX with modern .NET and Next.js
- full observability and Infrastructure as Code from day one
The architecture is directly transferable to enterprise scenarios where AI assistants need secure, governed access to business data in Dynamics 365, Dataverse, or similar systems.



