O365 Consuming Azure PAAS SQL DB Through BCS


This document explains the steps to configure BCS using Office 365 that can pull data from Azure PaaS SQL DB and also how to configure firewall IP ranges and network possibilities.

Create Azure SQL DB

Go to Azure > SQL Database. Click add and create a new SQL server and New SQL DB. Existing Azure SQL DB can also be used for this purpose, as shown below in the image.

Make a note of the SQL server admin and Password credentials.


Create Secure Store Token ID

Go to Admin site of the O365 tenant and open secure store tab

Create a new secure store token ID with username as SQL server username and password as SQL server password, as shown below in the image.

Make a note of the secure store token ID.


Configure in SharePoint Designer 2013

Create an external content type with the external system as shown in the below image.

In the add connection wizard provide Azure SQL DB related field values along with secure store token as shown below in the image.


On click of the ok button, an error popup will be shown, but this pop up is specific to some networks.


As a onetime activity add the IP specified in the popup to the firewall settings of the Azure SQL server firewall settings page. Along with that add 11 more IP ranges to the firewall settings page in Azure SQL server as shown below.


IP Ranges table

The above IP ranges may be updated based on Microsoft updates. These updates needs to be periodically checked in this site.

Next go back to the SharePoint designer and click ok, now the connection will be stabilized and the DB will be created.

Select any DB and create all operations, set parameters, filters and click finish.


Click the save button at the top left of the designer to save the connection to external content type.

Now the Temporary client IP added to Azure SQL firewall can be deleted. Don’t delete other 11 IP Ranges.

Now navigate to the O365 admin site > BCS tab > click Manage BDC models and external content types.

The newly created content type will be reflected there in the BCS screen. Select the content type and “set object permissions” and “set metadata store permissions” as shown below


ADD BDC Web part or External List in O365

Create a new web page and add Business Data List Web Part as shown below


Edit the web part and configure the external content type to the above-created one as shown below.


BCS is configured and shown as below.