CrmServiceClient supported kind of authentication
As a Dynamics 365 or Dataverse developer, you need often to write custom code to work with your application. As you know, in order to use the API you should first be authenticated with D365.
This article describes what are the different ways of authentication when working with Microsoft.Xrm.Tooling.Connector and its Crm
In fact, within this wonderful Crm
|AD||Works only for on premise env or at least with NTLM/Kerberos WinAuth setup|
|IFD||Works with an ADFS + IFD mode and a username password|
|OAUTH||Can be used for both D365 online and on premise. But, for on premise ADFS 3.x+ and App\Client Id registration with ADFS is required|
|CERTIFICATE||Same as OAUTH|
|CLIENTSECRET||Same as OAUTH|
|OFFICE365||Works only for D365 Cloud (Dataverse) envs|
For each type you can build a connection string with dedicated parameters that will help to define the needed connection information.
Then, you could simple use the few lines of code to instantiate your service and get authenticated to D365. Please find below a code snippet that illustrate how to deal with on premise connection.
var crmSvc = new CrmServiceClient("AuthType=AD;Url=<CRM_URL>;Domain=<YOUR_DOMAIN>;Username=<USERNAME>;Password=<PASSWORD>"); var crmService = crmSvc.OrganizationServiceProxy != null ? crmSvc.OrganizationServiceProxy as IOrganizationService : crmSvc.OrganizationWebProxyClient; var userId = (WhoAmIResponse)crmService.Execute(new WhoAmIRequest()); LogHelper.LogInformation("CRM Service OK user ID: " + userId.UserId);
You can follow this Microsoft documentation that will give you needed details to implement each type: here
It's very useful to know that the SDK supports and helps developer with different kind of authentication. It will allow the organizations to enforce or adapt their security model according the possibilities, for example by using a certificate instead of a username/password.
In another hand, please note that if you have a deal with other kind of auth, more exotic or custom, that are imposed by your customers/organizations, it will be very difficult or sometimes impossible to make them work with those SDK options.
Add new comment