Effective Feb 4, 2020 - Use of the WS-Trust (Web-Service Trust) authentication security protocol while connecting to Common Data Service has been deprecated. This change affects applications that utilize Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy and Microsoft.Xrm.Tooling.Connector.CrmServiceClient classes for the authentication type of "Office365".

The WS-Trust protocol is a security protocol that is inherently insecure by current encryption standards. In addition to this, the WS-Trust protocol does not support the modern forms of Multi-Factor Authentication and conditional access controls to customer data.

In this blog, considering the above change, we will learn how a developer can make use of the capabilities of the Azure Active Directory to secure and protect access to their applications and customers in Common Data Service.

PRE-REQUISITES

  1. A valid Dynamics-365 CE (CRM) Instance
  2. MS Visual Studio (version 2017 or above)
  3. Azure Active Directory Application
  4. Application ID, Client Secret
  5. CE Application User with an appropriate security role assigned

STEPS

  • Note down the string values of the following parameters:
  1. Azure Active Directory Application ID
  2. Azure Active Directory Tenant ID
  • Client Secret Key
  • Open a C# Console Application and add CrmSdk.XrmTooling.CoreAssembly NuGet Package.
  • Here, we will first form the Connection String to pass it to the CrmSeviceClient, keeping ‘ClientSecret’ our Authentication Type.
  • The connection string must look like the following.

Format

String connectionString = "AuthType=ClientSecret; url=; ClientId=; ClientSecret=”; 

Example

string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";

  • Once the correct connection string is formed, we will pass it in a constructor of CrmServiceClient.

CrmServiceClient crmServiceClient = new CrmServiceClient (connectionString); //Connecting to the D-365 CE instance

  • Run the following code and check for yourself if you can connect to your D365 organization.

Note: Please provide your own parameters in the code

using Microsoft.Xrm.Tooling.Connector;

using System;

namespace CrmServiceClient_Blog

{

    internal class Program

    {

        private static void Main(string[] args)

        {

            string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";

            CrmServiceClient crmServiceClient = new CrmServiceClient(connectionString); //Connecting to the D-365 CE instance

            if (crmServiceClient != null && crmServiceClient.IsReady)

            {

                Console.ForegroundColor = ConsoleColor.Green;

                Console.WriteLine("
Connected Successfully!");

                Console.Read();

            }

            else

            {

                Console.WriteLine("
Could NOT connect to D365 CE instance. Please make sure the Connection String is correct.");

                Console.Read();

            }

        }

    }

}

UNIT TESTING

  • After we run the above code, we can see that the connection to our D365 instance is successfully established.
  • crmServiceClient object of the CrmServiceClientclass gets the following important values that can be used in any operations in the code.

{Microsoft.Xrm.Tooling.Connector.CrmServiceClient}

ActiveAuthenticationType

ClientSecret

Authority

"https://login.microsoftonline.com/9dc73af2-e3c5-4b7d-b8c0-f19f12279496/oauth2/authorize/"

ConnectedOrgFriendlyName

"Abhi27"

ConnectedOrgId

{d034d5b0-612f-4714-93f7-52da4f85c718}

ConnectedOrgUniqueName

"orgdd23abb7"

ConnectedOrgVersion

{9.1.0.16832}

CrmConnectOrgUriActual

{https://11apr.crm8.dynamics.com/XRMServices/2011/Organization.svc/web?SDKClientVersion=9.0.44.892}

CurrentAccessToken

"eyJ … vA "

CONCLUSION

So, this is a detailed blog, shared by Dynamics 365 development company team, where you can see how developers can establish secure connections in Dynamics 365 CE (CRM) environments using the ClientSecret authentication type? Once connected, the developer can perform regular operations from the C# code.

Connect to D365 CE with multi-factor Authentication using C# sharp的更多相关文章

  1. 连接mysql问题 mysqlnd cannot connect to MySQL 4.1+ using old authentication

    第一篇:PHP5.3开始使用MySqlND作为默认的MySql访问驱动,而且从这个版本开始将不再支持使用旧的用户接口链接Mysql了,你可能会看到类似的提示: #2000 - mysqlnd cann ...

  2. 项目报错 exception 'MongoConnectionException' with message 'Failed to connect to: 127.0.0.1:27017: Authentication failed on database 'www' with username 'www': auth failed' in

    出现这个错误,在官方文档也找到了解释,原来在2.6版本做了很大的改进,其改进涉及到核心.存储.网络.查询和安全性等多方面,自然,其用户登录认证机制也发生了改变,db.system.users的sche ...

  3. mysqlnd cannot connect to MySQL 4.1+ using old authentication

    报这个错误主要是因为mysql使用了老的密码格式,而程序要求使用新的格式导致的,解决办法: SET old_passwords = 0; UPDATE mysql.user SET Password ...

  4. [信息安全] 4.一次性密码 && 身份认证三要素

    [信息安全]系列博客:http://www.cnblogs.com/linianhui/category/985957.html 在信息安全领域,一般把Cryptography称为密码,而把Passw ...

  5. UBUNTU下MONGODB出现PHP Fatal error: Uncaught exception 'MongoConnectionException' with message 和 Authentication failed on database 'admin' with username

    MONGO 远程连接服务器,出现: PHP Fatal error: Uncaught exception Stack trace:# /var/www/data/update_data.php(): ...

  6. odoo12之应用:一、双因子验证(Two-factor authentication, 2FA)(HOTP,TOTP)附源码

    前言 双因子认证:双因子认证(2FA)是指结合密码以及实物(信用卡.SMS手机.令牌或指纹等生物标志)两种条件对用户进行认证的方法.--百度百科 跟我一样"老"的网瘾少年想必一定见 ...

  7. Dynamics 365 CE将自定义工作流活动程序集注册到磁盘并引用其他类库

    我是微软Dynamics 365 & Power Platform方面的工程师罗勇,也是2015年7月到2018年6月连续三年Dynamics CRM/Business Solutions方面 ...

  8. 更好地使用Atom支持基于Jupyter的Python开发

    有关于使用Atom进行Python开发的网上资料比较少,最近发现使用Atom结合Hydrogen插件进行Python开发,尤其是数据挖掘相关的工作,整体体验要好于Vscode,Vscode虽然说也有连 ...

  9. SSL加速卡调研的原因及背景

    SSL加速卡调研的原因及背景 SSL加速卡调研的原因及背景 网络信息安全已经成为电子商务和网络信息业发展的一个瓶颈,安全套接层(SSL)协议能较好地解决安全处理问题,而SSL加速器有效地提高了网络安全 ...

  10. ethereum/EIPs-1078 Universal login / signup using ENS subdomains

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1078.md eip title author discussions-to status ...

随机推荐

  1. COM三大接口:IUnknown、IClassFactory、IDispatch。

    (1)COM组件有三个最基本的接口类,分别是IUnknown.IClassFactory.IDispatch. COM规范规定任何组件.任何接口都必须从IUnknown继承,IUnknown包含三个函 ...

  2. 卡片式UI设计详细指南,先收好这8条!

    今天为大家分享的是「卡片设计」. 卡片是产品中常见的设计组件之一.通过卡片,可以将不同的内容分层次组合在一起.卡片式设计自带简约和易用的属性,能让页面看起来更有秩序感. 卡片作为常用的UI组件,通常由 ...

  3. 使用supervisor 管理 laravel 框架中的进程

    前言:在laravel中,经常要在项目根目录下执行 php artisan queue:work  来执行队列中的任务,由此,我们想到用supervisor来管理这个进程 Supervisor是用Py ...

  4. 实践:基于腾讯云播放器SDK,带您体验播放多场景下的 COS 视频文件

    一. 实践步骤 1. 准备您的 腾讯云COS 视频文件链接,您需要: 1.1 创建一个存储桶: 1.2 上传对象: 1.3 在对象信息详情里复制对象地址: 注意: 目前腾讯云有COS特惠活动,新人1元 ...

  5. Android中操作 SDCard文件

    1 import android.content.Context; 2 import android.graphics.Bitmap; 3 import android.graphics.Bitmap ...

  6. Python3之并发(五)---线程条件(Condition)和事件(Event)

    一.线程条件Condition(条件变量) 依赖锁对象(Lock,RLock),锁对象可以通过参数传入获得,或者使用自动创建的默认锁对象当多个条件变量需要共享同一个锁时,建议传入锁对象 除了带有获取到 ...

  7. 一、Java简单概述

    一 . Java组成部分 JDK : java development kit (Java开发工具) JDK是提供给Java开发人员使用的,其中包含了java的开发工具,也 包括了JRE. 所以安装了 ...

  8. springboot+vue本地部署

    springboot+vue本地部署 最近完成项目,需要部署到本地,期间遇到了一些问题,最后写下流程以作记录. springboot打包 这块的内容较为简单一般为在pom.xml中加入 <bui ...

  9. Taro 弹窗阻止小程序滑动穿透(亲测有效) tabbar数据缓存不更新 入口场景值不同

    v3.0 推出后反馈最多的问题之一,就是在 touchmove 事件回调中调用 e.stopPropagation() 并不能阻止滑动穿透. 这是因为 Taro 3 的事件冒泡机制是单独在小程序逻辑层 ...

  10. HCIA-ICT实战基础09-远程接入安全管理

    HCIA-ICT实战基础-远程接入安全管理 目录 AAA概述 AAA配置实现 telnet原理与配置 Stelnet(华为ssh的另一种称呼)配置 1 AAA概述 1.1 基本概念 AAA是Authe ...