Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Service | Customer Service, Contact Center, Fie... / Building a Custom Reac...
Service | Customer Service, Contact Center, Fie...
Unanswered

Building a Custom React Native App (Node.js Middle Layer) with Field Service Backend

(3) ShareShare
ReportReport
Posted on by ZM-05032132-0
 

Hello everyone,

I’m working on a Facilities Management solution that uses Dynamics 365 Field Service for the backend. Instead of using Canvas apps or the out-of-the-box Field Service mobile app, we’re building our own front end with React Native. We also have a Node.js middle layer (hosted on AWS) that handles custom APIs and relays data to/from Field Service. For authentication, we have an Azure Function that stores our secret ID, client ID, tenant ID, etc., and we generate tokens via OAuth 2.0.

We chose React Native because our UI/UX team has very specific requirements that aren’t easily handled by Power Apps alone. Our main questions revolve around solution architecture and licensing compliance:

 

1.Architecture Validation

•Are there any official guidelines or Microsoft best practices about using a custom front-end (React Native) + Node.js middle layer with Field Service as the backend? We wanted to confirm we’re not violating any policies by bypassing Canvas or Model-driven app front ends.

 

2.License Requirements

•For every user logging into the React Native app, do we need a full Dynamics 365 Field Service license?

•Is there a scenario where Power Apps licenses (per app/per user) suffice, given we are primarily reading and writing data from Field Service tables?

•How does Microsoft view “multiplexing” in this scenario? If our Node.js layer calls Field Service APIs on behalf of multiple users, can we use a single “service account,” or do we need to license each individual?

 

3.OAuth & Azure Function Flow

•We’re issuing tokens to the mobile app users through Azure AD (Azure Function has the client/secret). Any recommended approach for ensuring each real user is properly licensed and recognized in Field Service?

•Any best practices for storing or refreshing tokens in a React Native + Node.js + Field Service architecture?

Categories:
Dynamics 365 Field Service
  • Saif Ali Sabri Profile Picture
    Saif Ali Sabri 2,195 Super User 2025 Season 1 on at
    Building a Custom React Native App (Node.js Middle Layer) with Field Service Backend

    “AI was used in this reply”.
    Your approach—using a React Native front end, Node.js middle layer, and Dynamics 365 Field Service as the backend—is technically feasible, but there are key Microsoft licensing and compliance considerations to keep in mind. Below is a structured response to your queries:

    1. Architecture Validation

    Custom front-end with a Node.js middleware is allowed

    • Microsoft does not mandate using Canvas apps or the Field Service Mobile app, as long as your app interacts with Dynamics 365 through supported APIs (Dataverse Web API, Field Service APIs, or Power Platform connectors).
    • Your architecture must comply with Microsoft's licensing policies, especially regarding multiplexing (explained in section 2).
    • Using Azure AD OAuth 2.0 for authentication aligns with best practices.

    🔹 Best practices:

    • Ensure API calls respect security roles and permissions of the logged-in user.
    • Follow Dataverse API limits and best practices to avoid throttling.
    • Use Field Service-specific APIs instead of generic Dataverse calls when possible for performance optimization.

    2. Licensing Requirements

    Microsoft licensing can be strict, especially regarding multiplexing. Here’s how it applies:

    🔹 Do users need a full Field Service license?

    • Yes, if users are performing core Field Service tasks (work order management, scheduling, resource tracking).
    • No, if users only interact with minimal Field Service data and their role aligns with Power Apps usage rights (e.g., viewing limited table data).

    🔹 Can Power Apps licenses work?

    • If your app only reads and writes data to custom tables and does not rely on Field Service functionality (e.g., scheduling, dispatching, advanced work order handling), then a Power Apps per-user or per-app license might be sufficient.
    • If your app interacts with Field Service-specific tables (e.g., Work Orders, Bookings, Resources), a full Field Service license is required.

    🔹 Multiplexing & API Calls via Node.js Layer

    • Microsoft requires every end user accessing Field Service data to be licensed.
    • If your Node.js middleware makes API calls on behalf of multiple users, each real user must have a valid license (Field Service or Power Apps, depending on features used).
    • Using a single service account to proxy API requests for multiple users is considered multiplexing and is not compliant with Microsoft licensing policies.

    💡 Recommendation:

    • Implement user-specific authentication (OAuth 2.0) in your app, so each API request is performed using the user’s own credentials and security roles.
    • Avoid service accounts for user interactions. Instead, have each user authenticate individually.

    3. OAuth & Azure Function Flow

    🔹 Best practices for authentication & licensing validation:

    • Ensure each user is authenticated via Azure AD (i.e., do not issue shared tokens).
    • Your Azure Function can issue OAuth 2.0 tokens for each user by implementing user delegation (not just app-level authentication).
    • When calling Field Service APIs, always include the user’s identity in the request.

    🔹 Token Storage & Refresh Best Practices:

    • Store access tokens securely in the React Native app (e.g., use SecureStore in Expo or AsyncStorage with encryption).
    • Implement refresh tokens to minimize login prompts.
    • Use Microsoft Authentication Library (MSAL) for React Native to handle token management efficiently.

      •  

    Final Recommendations & Compliance Check

    Ensure all users accessing Field Service data have appropriate licenses (Field Service or Power Apps based on usage).
    Avoid multiplexing—every user must authenticate and perform actions using their own credentials.
    Follow Dataverse API best practices to optimize performance and avoid throttling.
    Use MSAL or OAuth best practices for secure authentication and token management.

    Would you like guidance on specific API calls for your app?

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Jainam Kothari – Community Spotlight

We are honored to recognize Jainam Kothari as our June 2025 Community…

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

Leaderboard > Service | Customer Service, Contact Center, Field Service, Guides

#1
Daivat Vartak (v-9davar) Profile Picture

Daivat Vartak (v-9d... 153 Super User 2025 Season 1

#2
Siv Sagar Profile Picture

Siv Sagar 104 Super User 2025 Season 1

#3
Engy Louis Profile Picture

Engy Louis 37

Last month Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans