Installing SCO for SaaS Deployments

This topic describes the additional installation and configuration steps required when installing the Self-Checkout Connector (SCO) for a Business Central SaaS deployment.

It assumes that the common installation steps described in Installing the Self-Checkout Connector – Common Flow have already been completed.

SaaS Authentication Overview

In SaaS deployments, SCO authenticates against Business Central using OAuth 2.0 and Azure Active Directory (Azure AD).

Authentication is performed using an Azure AD application registration that grants SCO access to Business Central APIs.

The OAuth flow allows secure, token-based authentication without storing Business Central user credentials.

Business Central and Azure AD Requirements

Before continuing the installation, verify that the following requirements are met:

  • The Business Central environment is running in SaaS.
  • An Azure AD tenant is associated with the Business Central environment.
  • An Azure AD App Registration is available for SCO.
  • The Azure AD application has permission to access Business Central APIs.

Azure AD Application Registration

The Azure AD application used by SCO must provide the following information:

  • Tenant ID
  • Client ID
  • Client Secret

The application must be configured with the appropriate API permissions for Business Central and have admin consent granted.

Entering SaaS Authentication Settings

When prompted during installation, enter the following authentication details:

  • Tenant ID – Azure AD tenant identifier
  • Client ID – Application (client) ID
  • Client Secret – Secret generated for the application
SaaS authentication configuration screen

SCO uses these values to acquire OAuth access tokens and authenticate all calls to Business Central APIs.

Completing the Installation

After authentication details are entered, the installer completes the installation by:

  • Validating the Azure AD authentication configuration.
  • Storing OAuth settings in the SCO configuration database.
  • Finalizing the IIS configuration.

When installation is complete, the SCO Management Portal opens automatically.

Post-Installation Verification

After installation, verify the following:

  • The SCO Management Portal loads without errors.
  • The connector status is Running.
  • SCO can successfully authenticate and communicate with Business Central.

If authentication settings are changed after installation, the SCO Connector must be restarted for the changes to take effect.

Next Steps

Continue with the configuration steps specific to your device manufacturer:

  • Configuring SCO for Diebold Nixdorf Devices
  • Configuring SCO for NCR Devices
  • Configuring SCO for Custom Devices