Connect to D365 CE with multi-factor Authentication using C# sharp
Effective Feb 4, 2020 - Use of the WS-Trust (Web-Service Trust) authentication security protocol while connecting to Common Data Service has been deprecated. This change affects applications that utilize Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy and Microsoft.Xrm.Tooling.Connector.CrmServiceClient classes for the authentication type of "Office365".
The WS-Trust protocol is a security protocol that is inherently insecure by current encryption standards. In addition to this, the WS-Trust protocol does not support the modern forms of Multi-Factor Authentication and conditional access controls to customer data.
In this blog, considering the above change, we will learn how a developer can make use of the capabilities of the Azure Active Directory to secure and protect access to their applications and customers in Common Data Service.
PRE-REQUISITES
- A valid Dynamics-365 CE (CRM) Instance
- MS Visual Studio (version 2017 or above)
- Azure Active Directory Application
- Application ID, Client Secret
- CE Application User with an appropriate security role assigned
STEPS
- Note down the string values of the following parameters:
- Azure Active Directory Application ID
- Azure Active Directory Tenant ID
- Client Secret Key
- Open a C# Console Application and add CrmSdk.XrmTooling.CoreAssembly NuGet Package.
- Here, we will first form the Connection String to pass it to the CrmSeviceClient, keeping ‘ClientSecret’ our Authentication Type.
- The connection string must look like the following.
Format
String connectionString = "AuthType=ClientSecret; url=; ClientId=; ClientSecret=”;
Example
string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";
- Once the correct connection string is formed, we will pass it in a constructor of CrmServiceClient.
CrmServiceClient crmServiceClient = new CrmServiceClient (connectionString); //Connecting to the D-365 CE instance
- Run the following code and check for yourself if you can connect to your D365 organization.
Note: Please provide your own parameters in the code
using Microsoft.Xrm.Tooling.Connector;
using System;
namespace CrmServiceClient_Blog
{
internal class Program
{
private static void Main(string[] args)
{
string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";
CrmServiceClient crmServiceClient = new CrmServiceClient(connectionString); //Connecting to the D-365 CE instance
if (crmServiceClient != null && crmServiceClient.IsReady)
{
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("
Connected Successfully!");
Console.Read();
}
else
{
Console.WriteLine("
Could NOT connect to D365 CE instance. Please make sure the Connection String is correct.");
Console.Read();
}
}
}
}
UNIT TESTING
- After we run the above code, we can see that the connection to our D365 instance is successfully established.
- crmServiceClient object of the CrmServiceClientclass gets the following important values that can be used in any operations in the code.
{Microsoft.Xrm.Tooling.Connector.CrmServiceClient}
ActiveAuthenticationType |
ClientSecret |
Authority |
"https://login.microsoftonline.com/9dc73af2-e3c5-4b7d-b8c0-f19f12279496/oauth2/authorize/" |
ConnectedOrgFriendlyName |
"Abhi27" |
ConnectedOrgId |
{d034d5b0-612f-4714-93f7-52da4f85c718} |
ConnectedOrgUniqueName |
"orgdd23abb7" |
ConnectedOrgVersion |
{9.1.0.16832} |
CrmConnectOrgUriActual |
{https://11apr.crm8.dynamics.com/XRMServices/2011/Organization.svc/web?SDKClientVersion=9.0.44.892} |
CurrentAccessToken |
"eyJ … vA " |
CONCLUSION
So, this is a detailed blog, shared by Dynamics 365 development company team, where you can see how developers can establish secure connections in Dynamics 365 CE (CRM) environments using the ClientSecret authentication type? Once connected, the developer can perform regular operations from the C# code.
Connect to D365 CE with multi-factor Authentication using C# sharp的更多相关文章
- 连接mysql问题 mysqlnd cannot connect to MySQL 4.1+ using old authentication
第一篇:PHP5.3开始使用MySqlND作为默认的MySql访问驱动,而且从这个版本开始将不再支持使用旧的用户接口链接Mysql了,你可能会看到类似的提示: #2000 - mysqlnd cann ...
- 项目报错 exception 'MongoConnectionException' with message 'Failed to connect to: 127.0.0.1:27017: Authentication failed on database 'www' with username 'www': auth failed' in
出现这个错误,在官方文档也找到了解释,原来在2.6版本做了很大的改进,其改进涉及到核心.存储.网络.查询和安全性等多方面,自然,其用户登录认证机制也发生了改变,db.system.users的sche ...
- mysqlnd cannot connect to MySQL 4.1+ using old authentication
报这个错误主要是因为mysql使用了老的密码格式,而程序要求使用新的格式导致的,解决办法: SET old_passwords = 0; UPDATE mysql.user SET Password ...
- [信息安全] 4.一次性密码 && 身份认证三要素
[信息安全]系列博客:http://www.cnblogs.com/linianhui/category/985957.html 在信息安全领域,一般把Cryptography称为密码,而把Passw ...
- UBUNTU下MONGODB出现PHP Fatal error: Uncaught exception 'MongoConnectionException' with message 和 Authentication failed on database 'admin' with username
MONGO 远程连接服务器,出现: PHP Fatal error: Uncaught exception Stack trace:# /var/www/data/update_data.php(): ...
- odoo12之应用:一、双因子验证(Two-factor authentication, 2FA)(HOTP,TOTP)附源码
前言 双因子认证:双因子认证(2FA)是指结合密码以及实物(信用卡.SMS手机.令牌或指纹等生物标志)两种条件对用户进行认证的方法.--百度百科 跟我一样"老"的网瘾少年想必一定见 ...
- Dynamics 365 CE将自定义工作流活动程序集注册到磁盘并引用其他类库
我是微软Dynamics 365 & Power Platform方面的工程师罗勇,也是2015年7月到2018年6月连续三年Dynamics CRM/Business Solutions方面 ...
- 更好地使用Atom支持基于Jupyter的Python开发
有关于使用Atom进行Python开发的网上资料比较少,最近发现使用Atom结合Hydrogen插件进行Python开发,尤其是数据挖掘相关的工作,整体体验要好于Vscode,Vscode虽然说也有连 ...
- SSL加速卡调研的原因及背景
SSL加速卡调研的原因及背景 SSL加速卡调研的原因及背景 网络信息安全已经成为电子商务和网络信息业发展的一个瓶颈,安全套接层(SSL)协议能较好地解决安全处理问题,而SSL加速器有效地提高了网络安全 ...
- ethereum/EIPs-1078 Universal login / signup using ENS subdomains
https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1078.md eip title author discussions-to status ...
随机推荐
- Demo of canvas, canvas optimization and svg
It used the canvas to draw the curves in the old project, and the client felt that it was vague, so ...
- Django——全局配置settings详解
Django设置文件包含你所有的Django安装配置.这个文件一般在你的项目文件夹里.比如我们创建了一个名为mysite的项目,那么这个配置文件setting.py就在项目里的mysite文件夹里. ...
- c#遍历一个对象的字段信息
c#遍历对象字段 场景:有一个对象作为导出word段落的数据.每一个字段就代表一个段落,可以对相应段落数据设置样式(字体.颜色.加粗--) 参考文献:(12条消息) C#获取实体类字段信息Proper ...
- 华三防火墙主备ACL
dis cur | in policy 查看 policy-based-route 有线网络 permit node 5 policy-based-route 有线网络 permit node 10 ...
- 2.VS编写XML实例程序
在VS中编写XML实例程序 1.如下,在 VS 中分别新建 XML 文件.XML 解析类.XML 实体类 2.在项目中代码,如下 (1)XML 文件(注:在 VS 解决方案资源管理器中选中 XML ...
- CH340N串口无法检测问题的解决
问题原因: type-C有好几种类型,其中包括能传输数据的,也有不能传输数据.只能供电的.(本质差别就是引脚数目不同) 问题解决:只要将原来的type-C转USB的充电线换成数据线,电脑就能识别CH3 ...
- windows shell
屏蔽wifi名称:netsh wlan add filter permission=block ssid="wifi的名称" networktype=infrastructure ...
- ElementUI实现手动上传
在做项目中,与同事遇到问题,顺手记录一下 <template> <div class="common-layout"> <el-button size ...
- react 学习笔记更新2.0
1.性能优化 1.shouldComponentUpdate 在render调用之前会调用shouldComponentUpdate,不建议在 shouldComponentUpdate() 中进行深 ...
- Sql Server 服务无法正常启动,126异常
SQL Server 一记 异常信息 方法/步骤 打开[开始菜单]找到软件SQL Server下面的[配置管理器] 可以看到数据库主服务是 '停止' 状态: ![数据库主服务 展开[SQL Serve ...