HOW TO CONNECT TO DYNAMICS 365 ENVIRONMENT WITH OAUTH AUTHENTICATION

Previously, we were applying the Office 365 authentication method to connect to the D365 environment by using the Dynamics 365 URL, User Name and Password in order to build the connection string and create the CRM Service as per the below sample.
string connectionString = "Url=" + Url + "; Username =" + UserName + "; Password=" + Password + "; authtype=Office365";
CrmServiceClient crmService = new CrmServiceClient(connectionString);

However, Microsoft has announced the deprecation of the Office 365 connection and declared to connect to Dynamics 365 with Oauth authentication method instead.

In this blog post, I will detail the needed steps that should be followed to connect to the Dynamics 365 environment using the OAUTH authentication.

Below are the three areas we have to configure for the OAUTH Authentication
  1. Azure to Register App
  2. Dynamics 365 to create App User
  3. Visual Studio to connect to the Dynamics 365 using OAUTH Authentication

Steps to do in Azure to Register App

  1. Access the Azure portal using the link https://portal.azure.com
  2. Enter the credentials of the Office 365 user
  3. In the search bar, type Apps Registrations. Click the one listed in the options displayed
  4. Click New registration
    D365 with OAUTH App Reg

  5. Enter the following info and click Register
    • Name
    • Supported account types
    • Redirect URI (optional)
    D365 with OAUTH App Reg2

  6. In the information page, save the value of the Application (Client) ID field. This value will be used later
  7. In the left navigation menu, click API permissions > Add a permission
  8. In the new pane choose Dynamics CRM
    D365 with OAUTH App Reg3

  9. In the new pane
    • Choose Delegated permissions
    • Check the option user_impersonation
    • Click Add permissions
    D365 with OAUTH App Reg4

  10. Click Grant admin consent for <yourorganizationname>, and click Yes in the confirmation dialog popup
    D365 with OAUTH App Reg5

  11. In the left navigation menu, choose Certificates & secrets > New client secret
    D365 with OAUTH App Reg6

  12. In the new pane, select the needed option for Expires and click Add
  13. Save the value of the Client Secret generated because the key will be hidden. This value will be used later
    D365 with OAUTH App Reg7

  14. Go to the Manifest menu and set the properties allowPublicClient and oauth2AllowImplicitFlow to true
    D365 with OAUTH App Reg 8

Steps to do in Dynamics 365 to create App User

  1. Open the Dynamics 365 environment
  2. Go to Settings > Security > Users
  3. Choose the Application Users view
  4. Click New to create a new user and choose the form named Application User
  5. In the new user form
    • Enter the value of the User Type field and set it to Application User
    • Enter the value of the Application ID field (the one saved in step I.6)
    • Enter values for Full Name and Primary Email fields
    D365 with OAUTH App user

Steps to do in Visual Studio to connect to the Dynamics 365 using OAUTH Authentication

  1. Open Visual Studio
  2. Right click the application project > Manage Nuget packages
  3. Find and Install the ADAL package (Microsoft.IdentityModel.Clients.ActiveDirectory)
  4. In order to connect to D365 with the new OAUTH method, the following configurations are added to the config file:
    • WebApi: HTTP REST API giving access to the Dynamics 365 instance. It can be extracted from the developer's resources
    • ApplicationID: The value copied from Application (Client) Azure ID (Step I.6)
    • ClientSecretKey: The secret key of the Azure client (Step I.13)
    • Url: D365 ENV link: https://<organizationname>.crm4.dynamics.com
  5. When debugging the code, you can verify that the Service is Ready and can be used
    D365 with OAUTH VS

  6. Use the snippet of code for GetOrganisationService function
    private static CrmServiceClient GetOrganisationService() {
    AuthenticationParameters ap = AuthenticationParameters.CreateFromUrlAsync(new Uri(WebApi)).Result;
    //Application id and client secret key
    var creds = new ClientCredential(ApplicationId, ClientSecretKey);
    //Acquire a token
    AuthenticationContext authContext = new AuthenticationContext(ap.Authority.Replace("/oauth2/authorize", ""));
    var pretoken = authContext.AcquireTokenAsync(ap.Resource, creds).Result;
    var token = pretoken.AccessToken;
    Uri serviceUrl = new Uri(Url + @"/XRMServices/2011/Organization.svc/web?SdkClientVersion=9.1");
    using (var sdkService = new Microsoft.Xrm.Sdk.WebServiceClient.OrganizationWebProxyClient(serviceUrl, false))
    {
    sdkService.HeaderToken = token;
    crmService = new CrmServiceClient(sdkService);
    }
    return crmService;
    }
Bonus Tip:
You can connect to the XrmToolBox using the OAUTH authentication
  • Create a new connection wizard
  • Check the option OAUTH for the authentication
  • Put the needed info and create the connection
    • Application Id (Step I.6)
    • Client Secret Key (Step I.13)
    • Redirect URI (Step I.5)


Hope This Helps!

Comments

Post a Comment

Popular posts from this blog

DYNAMICS 365 HOW TO HIDE RECENT RECORDS FOR LOOKUP FIELD IN UCI

Image
In UCI, a lot of behaviors have been changed comparing to the Classic Web Interface such as the tabs, BPF, and many others. Today, I will be talking about one of these behaviors which is the Recent Records in lookup fields. In a brief summary, the Recent Records feature will suggest the latest records that have been searched for, where the user can select one of them, and, the list of available records of the current view will then be displayed. This is a nice-to-have feature since it might help the users to speed up data entry. However, if the lookup has been filtered to display specific records, the Recent Records will not respect this filter and will keep showing records even is they should not. This scenario can lead to selecting a record by the user that is not allowed to be selected. Therefore, in this situation, it is better to hide the Recent Records t
Read more

SEARCH BY GUID IN DYNAMICS 365

Image
Is it possible to search for a CRM record using its GUID ? Well, NO it is not possible and YES it is possible!!! As always has been, it is not possible to search for a record by its guid in Advanced Find and in the Quick view search. However, in the model-driven app Edit filters functionality, it is possible to search for a record by its Guid. How it works, let's check the 3 different places where we can search for a records. Advanced Find search Using the Advanced find feature, you cannot put a GUID value to search for. You will directly receive an error notification eventhough when you download the fetchXml, the Guid of the record will be there. Quick view search Using the search box
Read more

SAVE FORM IN DYNAMICS 365 JAVASCRIPT

Image
In Dynamics 365, you may need to save a CRM form automatically in JavaScript upon a specific action on the form. In order to do that, the function formContext.data.save(saveOptions).then(successCallback, errorCallback); can be used to save the record asynchronously with callback functions to be executed after the save operation is completed. The following example will display a successful message if the save operation is completed, and a failure message if not. formContext.data.save(1).then( function () { alert("Successfully Saved!"); }, function () { alert("Failed while saving!"); });
Read more