Effective Feb 4, 2020 - Use of the WS-Trust (Web-Service Trust) authentication security protocol while connecting to Common Data Service has been deprecated. This change affects applications that utilize Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy and Microsoft.Xrm.Tooling.Connector.CrmServiceClient classes for the authentication type of "Office365".

The WS-Trust protocol is a security protocol that is inherently insecure by current encryption standards. In addition to this, the WS-Trust protocol does not support the modern forms of Multi-Factor Authentication and conditional access controls to customer data.

In this blog, considering the above change, we will learn how a developer can make use of the capabilities of the Azure Active Directory to secure and protect access to their applications and customers in Common Data Service.

PRE-REQUISITES

  1. A valid Dynamics-365 CE (CRM) Instance
  2. MS Visual Studio (version 2017 or above)
  3. Azure Active Directory Application
  4. Application ID, Client Secret
  5. CE Application User with an appropriate security role assigned

STEPS

  • Note down the string values of the following parameters:
  1. Azure Active Directory Application ID
  2. Azure Active Directory Tenant ID
  • Client Secret Key
  • Open a C# Console Application and add CrmSdk.XrmTooling.CoreAssembly NuGet Package.
  • Here, we will first form the Connection String to pass it to the CrmSeviceClient, keeping ‘ClientSecret’ our Authentication Type.
  • The connection string must look like the following.

Format

String connectionString = "AuthType=ClientSecret; url=; ClientId=; ClientSecret=”; 

Example

string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";

  • Once the correct connection string is formed, we will pass it in a constructor of CrmServiceClient.

CrmServiceClient crmServiceClient = new CrmServiceClient (connectionString); //Connecting to the D-365 CE instance

  • Run the following code and check for yourself if you can connect to your D365 organization.

Note: Please provide your own parameters in the code

using Microsoft.Xrm.Tooling.Connector;

using System;

namespace CrmServiceClient_Blog

{

    internal class Program

    {

        private static void Main(string[] args)

        {

            string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";

            CrmServiceClient crmServiceClient = new CrmServiceClient(connectionString); //Connecting to the D-365 CE instance

            if (crmServiceClient != null && crmServiceClient.IsReady)

            {

                Console.ForegroundColor = ConsoleColor.Green;

                Console.WriteLine("
Connected Successfully!");

                Console.Read();

            }

            else

            {

                Console.WriteLine("
Could NOT connect to D365 CE instance. Please make sure the Connection String is correct.");

                Console.Read();

            }

        }

    }

}

UNIT TESTING

  • After we run the above code, we can see that the connection to our D365 instance is successfully established.
  • crmServiceClient object of the CrmServiceClientclass gets the following important values that can be used in any operations in the code.

{Microsoft.Xrm.Tooling.Connector.CrmServiceClient}

ActiveAuthenticationType

ClientSecret

Authority

"https://login.microsoftonline.com/9dc73af2-e3c5-4b7d-b8c0-f19f12279496/oauth2/authorize/"

ConnectedOrgFriendlyName

"Abhi27"

ConnectedOrgId

{d034d5b0-612f-4714-93f7-52da4f85c718}

ConnectedOrgUniqueName

"orgdd23abb7"

ConnectedOrgVersion

{9.1.0.16832}

CrmConnectOrgUriActual

{https://11apr.crm8.dynamics.com/XRMServices/2011/Organization.svc/web?SDKClientVersion=9.0.44.892}

CurrentAccessToken

"eyJ … vA "

CONCLUSION

So, this is a detailed blog, shared by Dynamics 365 development company team, where you can see how developers can establish secure connections in Dynamics 365 CE (CRM) environments using the ClientSecret authentication type? Once connected, the developer can perform regular operations from the C# code.

Connect to D365 CE with multi-factor Authentication using C# sharp的更多相关文章

  1. 连接mysql问题 mysqlnd cannot connect to MySQL 4.1+ using old authentication

    第一篇:PHP5.3开始使用MySqlND作为默认的MySql访问驱动,而且从这个版本开始将不再支持使用旧的用户接口链接Mysql了,你可能会看到类似的提示: #2000 - mysqlnd cann ...

  2. 项目报错 exception 'MongoConnectionException' with message 'Failed to connect to: 127.0.0.1:27017: Authentication failed on database 'www' with username 'www': auth failed' in

    出现这个错误,在官方文档也找到了解释,原来在2.6版本做了很大的改进,其改进涉及到核心.存储.网络.查询和安全性等多方面,自然,其用户登录认证机制也发生了改变,db.system.users的sche ...

  3. mysqlnd cannot connect to MySQL 4.1+ using old authentication

    报这个错误主要是因为mysql使用了老的密码格式,而程序要求使用新的格式导致的,解决办法: SET old_passwords = 0; UPDATE mysql.user SET Password ...

  4. [信息安全] 4.一次性密码 && 身份认证三要素

    [信息安全]系列博客:http://www.cnblogs.com/linianhui/category/985957.html 在信息安全领域,一般把Cryptography称为密码,而把Passw ...

  5. UBUNTU下MONGODB出现PHP Fatal error: Uncaught exception 'MongoConnectionException' with message 和 Authentication failed on database 'admin' with username

    MONGO 远程连接服务器,出现: PHP Fatal error: Uncaught exception Stack trace:# /var/www/data/update_data.php(): ...

  6. odoo12之应用:一、双因子验证(Two-factor authentication, 2FA)(HOTP,TOTP)附源码

    前言 双因子认证:双因子认证(2FA)是指结合密码以及实物(信用卡.SMS手机.令牌或指纹等生物标志)两种条件对用户进行认证的方法.--百度百科 跟我一样"老"的网瘾少年想必一定见 ...

  7. Dynamics 365 CE将自定义工作流活动程序集注册到磁盘并引用其他类库

    我是微软Dynamics 365 & Power Platform方面的工程师罗勇,也是2015年7月到2018年6月连续三年Dynamics CRM/Business Solutions方面 ...

  8. 更好地使用Atom支持基于Jupyter的Python开发

    有关于使用Atom进行Python开发的网上资料比较少,最近发现使用Atom结合Hydrogen插件进行Python开发,尤其是数据挖掘相关的工作,整体体验要好于Vscode,Vscode虽然说也有连 ...

  9. SSL加速卡调研的原因及背景

    SSL加速卡调研的原因及背景 SSL加速卡调研的原因及背景 网络信息安全已经成为电子商务和网络信息业发展的一个瓶颈,安全套接层(SSL)协议能较好地解决安全处理问题,而SSL加速器有效地提高了网络安全 ...

  10. ethereum/EIPs-1078 Universal login / signup using ENS subdomains

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1078.md eip title author discussions-to status ...

随机推荐

  1. el-table更新数据页面闪烁问题

    情况是这样,渲染了一个table,高度是固定的.所以会有滚动.其中的某一列的数据只显示了部分内容,鼠标浮上加载全部,用el-popover浮框显示. 但每次改变tableKey会触发整个table的重 ...

  2. 一些test短代码

    #include <stdio.h> int main(){ char ray_tx_pwr[2][3]={{1,2,3},{4,5,6}}; int i = 0; printf(&quo ...

  3. JAI 多图片合成TIF格式

    因为项目需要,所以要做这么个工具类,发现了一些问题,接下来一一说明. 需要引入jai-codec-1.1.3.jar跟jai_code-1.1.3.jar. 1.判断图片格式: JPEG (jpg), ...

  4. Java之时间类

    时间类 Date类 ZonedDateTime: 带时区的时间 ZoneId: 带时区 Instant: 时间戳 日期格式化类 SimpleDateFormat DateTimeFormatter D ...

  5. Websocket(websocket自定义协议)

    是基于TCP的 tcp特征: 我发数据对端可以接收到,对端发数据我可以收到 先发先收到,后发后收到 使用websocket客户端发给服务器数据,服务器回客户端返回数据流程(自定义websocket协议 ...

  6. android 集成友盟实现 第三方分享 登录(qq,新浪,微信)

    其实友盟的文档写的非常详细了,在这只是记录一下开发过程中遇到过的坑. 开发流程,先到友盟的官网注册账号创建应用,友盟的文档地址:http://dev.umeng.com/social/android/ ...

  7. vue项目的两种构建工具Vue CLI和Vite

    Vue CLI官方项目搭建工具,使用的打包器是webpack,webpack使用的模块化规范是commonjs模块: Vite主要特点是开发环境启动迅速,因为是使用的ES模块,这是在现代浏览器开始原生 ...

  8. express的安装,使用,请求,自动更新,静态资源托管(一)

    1.打开编辑器vscode 2.安装express   npm install express@4.17.1 3.创建文件index.js 4.导入express   const express = ...

  9. laravel 插件库网站

    1.https://packagist.org 2.http://packalyst.com

  10. ufun对象->NXopen

    Body *body1(dynamic_cast<Body *>(NXObjectManager::Get(SolidVector[i]))); std::vector<Face*& ...