JCB2018

Reputation: 293

CRM 2016, OAuth and OData API

I have an on-premise CRM 2016 system that uses Active Directory and when I attempt to access the OData API from a desktop app, using network credentials, I get an unauthorised message.

After looking into this it would appear that I need to authenticate using OAuth which in turn would require installing AD Federation Services.

Before going down this path I would like to know if this is the correct approach to take?

I've been able to find plenty of examples on how to achieve this using CRM online/Azure AD, but not much for on-premise 2016.

Upvotes: 2

Views: 1535

Answers (2)

Alessi

Reputation: 769

If your desktop app is built on the .NET Framework and runs in the same local network as your CRM server, then you can use the XRM Tooling SDK instead.

https://learn.microsoft.com/en-us/previous-versions/dynamicscrm-2016/developers-guide/dn689057%28v%3dcrm.8%29

This SDK lets you create a CrmServiceClient object using a connection string from your configuration file. This object implements the IOrganization interface which means it has the CRUD methods you can use against your CRM.

CrmServiceClient service = new CrmServiceClient(ConfigurationManager.ConnectionStrings["mycrmconnstr"].ConnectionString);

Upvotes: 2

Federico Jousset

Reputation: 1761

Yes, that's the way to make it work with CRM On-Premise.

You will have to install and configure ADFS (according to documentation ADFS 3.0 is the latest version supported). Once everything is set up, the overall process is quite similar to when you're doing it in Online with AAD:

  1. Register application

Add-AdfsClient -ClientId <CLIENT_ID> -Name <APP_NAME> -RedirectUri <REDIRECT_URI>

  2. Grant application permission to CRM

Grant-AdfsApplicationPermission -ClientRoleIdentifier <CLIENT_ID> -ServerRoleIdentifier <CRM_URI>

  3. Connect using Authorization Code Grant

Authorization Code is the only flow implemented in ADFS 3.0 (that's why I mentioned it before), so don't waste 4 or 5 hours trying to use Implicit like I did :(. ADFS 4.0 implements it (along with Client Credential and Resource Owner Password Credentials), but in theory it is not supported (although I've seen it working).

As you said, the process is not well documented, but you'll find some questions on forums or some blog posts that will help you. I found THIS one very helpful, even though it is not Dynamics related.

Upvotes: 1
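
The Authorization Code Grant from step 3 of the answer above, sketched as an added example (not code from either answer). It builds the requests without sending them, assumes ADFS's `/adfs/oauth2/authorize` and `/adfs/oauth2/token` endpoint paths, and uses placeholder host names, redirect URI and function names throughout.

```python
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# All values below are placeholders (assumptions), matching what was passed to
# Add-AdfsClient and Grant-AdfsApplicationPermission.
ADFS_BASE = "https://adfs.example.test"       # hypothetical ADFS host
CLIENT_ID = "<CLIENT_ID>"
REDIRECT_URI = "https://localhost/callback"   # hypothetical <REDIRECT_URI>
CRM_URI = "https://crm.example.test/"         # hypothetical <CRM_URI>


def build_authorize_url(state):
    """Step 1: URL opened in the user's browser. ADFS needs `resource`."""
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "resource": CRM_URI, "redirect_uri": REDIRECT_URI,
                       "state": state})
    return f"{ADFS_BASE}/adfs/oauth2/authorize?{query}"


def extract_code(callback_url, expected_state):
    """Step 2: validate the redirect before trusting the code in it."""
    parsed = urlparse(callback_url)
    if f"{parsed.scheme}://{parsed.netloc}{parsed.path}" != REDIRECT_URI:
        raise ValueError("callback does not match the registered redirect URI")
    params = parse_qs(parsed.query)
    if "error" in params:
        raise ValueError(f"ADFS returned an error: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the response is not ours.
    if not secrets.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def build_token_request(code):
    """Step 3: endpoint and form body for the POST that redeems the code.
    The Add-AdfsClient call above registers no secret, so none is sent."""
    form = {"grant_type": "authorization_code", "client_id": CLIENT_ID,
            "redirect_uri": REDIRECT_URI, "code": code}
    return f"{ADFS_BASE}/adfs/oauth2/token", form


def web_api_headers(access_token):
    """Step 4: headers for a CRM Web API (OData v4) request."""
    return {"Authorization": f"Bearer {access_token}",
            "Accept": "application/json", "OData-Version": "4.0"}
```

Generate `state` per sign-in with `secrets.token_urlsafe(32)` and keep it only in the app's memory until the callback arrives.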
