Effective Feb 4, 2020 - Use of the WS-Trust (Web-Service Trust) authentication security protocol while connecting to Common Data Service has been deprecated. This change affects applications that utilize Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy and Microsoft.Xrm.Tooling.Connector.CrmServiceClient classes for the authentication type of "Office365".

The WS-Trust protocol is a security protocol that is inherently insecure by current encryption standards. In addition to this, the WS-Trust protocol does not support the modern forms of Multi-Factor Authentication and conditional access controls to customer data.

In this blog, considering the above change, we will learn how a developer can make use of the capabilities of the Azure Active Directory to secure and protect access to their applications and customers in Common Data Service.

PRE-REQUISITES

  1. A valid Dynamics-365 CE (CRM) Instance
  2. MS Visual Studio (version 2017 or above)
  3. Azure Active Directory Application
  4. Application ID, Client Secret
  5. CE Application User with an appropriate security role assigned

STEPS

  • Note down the string values of the following parameters:
  1. Azure Active Directory Application ID
  2. Azure Active Directory Tenant ID
  • Client Secret Key
  • Open a C# Console Application and add CrmSdk.XrmTooling.CoreAssembly NuGet Package.
  • Here, we will first form the Connection String to pass it to the CrmSeviceClient, keeping ‘ClientSecret’ our Authentication Type.
  • The connection string must look like the following.

Format

String connectionString = "AuthType=ClientSecret; url=; ClientId=; ClientSecret=”; 

Example

string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";

  • Once the correct connection string is formed, we will pass it in a constructor of CrmServiceClient.

CrmServiceClient crmServiceClient = new CrmServiceClient (connectionString); //Connecting to the D-365 CE instance

  • Run the following code and check for yourself if you can connect to your D365 organization.

Note: Please provide your own parameters in the code

using Microsoft.Xrm.Tooling.Connector;

using System;

namespace CrmServiceClient_Blog

{

    internal class Program

    {

        private static void Main(string[] args)

        {

            string connectionString = "AuthType=ClientSecret; url=https://11apr.crm8.dynamics.com/;ClientId=91916602-0067-46c4-bcf4-b2a3ffa3108b; ClientSecret=A.Z8e7X.REAEv3Tm4:.w0s0ptRwgn?2m";

            CrmServiceClient crmServiceClient = new CrmServiceClient(connectionString); //Connecting to the D-365 CE instance

            if (crmServiceClient != null && crmServiceClient.IsReady)

            {

                Console.ForegroundColor = ConsoleColor.Green;

                Console.WriteLine("
Connected Successfully!");

                Console.Read();

            }

            else

            {

                Console.WriteLine("
Could NOT connect to D365 CE instance. Please make sure the Connection String is correct.");

                Console.Read();

            }

        }

    }

}

UNIT TESTING

  • After we run the above code, we can see that the connection to our D365 instance is successfully established.
  • crmServiceClient object of the CrmServiceClientclass gets the following important values that can be used in any operations in the code.

{Microsoft.Xrm.Tooling.Connector.CrmServiceClient}

ActiveAuthenticationType

ClientSecret

Authority

"https://login.microsoftonline.com/9dc73af2-e3c5-4b7d-b8c0-f19f12279496/oauth2/authorize/"

ConnectedOrgFriendlyName

"Abhi27"

ConnectedOrgId

{d034d5b0-612f-4714-93f7-52da4f85c718}

ConnectedOrgUniqueName

"orgdd23abb7"

ConnectedOrgVersion

{9.1.0.16832}

CrmConnectOrgUriActual

{https://11apr.crm8.dynamics.com/XRMServices/2011/Organization.svc/web?SDKClientVersion=9.0.44.892}

CurrentAccessToken

"eyJ … vA "

CONCLUSION

So, this is a detailed blog, shared by Dynamics 365 development company team, where you can see how developers can establish secure connections in Dynamics 365 CE (CRM) environments using the ClientSecret authentication type? Once connected, the developer can perform regular operations from the C# code.

Connect to D365 CE with multi-factor Authentication using C# sharp的更多相关文章

  1. 连接mysql问题 mysqlnd cannot connect to MySQL 4.1+ using old authentication

    第一篇:PHP5.3开始使用MySqlND作为默认的MySql访问驱动,而且从这个版本开始将不再支持使用旧的用户接口链接Mysql了,你可能会看到类似的提示: #2000 - mysqlnd cann ...

  2. 项目报错 exception 'MongoConnectionException' with message 'Failed to connect to: 127.0.0.1:27017: Authentication failed on database 'www' with username 'www': auth failed' in

    出现这个错误,在官方文档也找到了解释,原来在2.6版本做了很大的改进,其改进涉及到核心.存储.网络.查询和安全性等多方面,自然,其用户登录认证机制也发生了改变,db.system.users的sche ...

  3. mysqlnd cannot connect to MySQL 4.1+ using old authentication

    报这个错误主要是因为mysql使用了老的密码格式,而程序要求使用新的格式导致的,解决办法: SET old_passwords = 0; UPDATE mysql.user SET Password ...

  4. [信息安全] 4.一次性密码 && 身份认证三要素

    [信息安全]系列博客:http://www.cnblogs.com/linianhui/category/985957.html 在信息安全领域,一般把Cryptography称为密码,而把Passw ...

  5. UBUNTU下MONGODB出现PHP Fatal error: Uncaught exception 'MongoConnectionException' with message 和 Authentication failed on database 'admin' with username

    MONGO 远程连接服务器,出现: PHP Fatal error: Uncaught exception Stack trace:# /var/www/data/update_data.php(): ...

  6. odoo12之应用:一、双因子验证(Two-factor authentication, 2FA)(HOTP,TOTP)附源码

    前言 双因子认证:双因子认证(2FA)是指结合密码以及实物(信用卡.SMS手机.令牌或指纹等生物标志)两种条件对用户进行认证的方法.--百度百科 跟我一样"老"的网瘾少年想必一定见 ...

  7. Dynamics 365 CE将自定义工作流活动程序集注册到磁盘并引用其他类库

    我是微软Dynamics 365 & Power Platform方面的工程师罗勇,也是2015年7月到2018年6月连续三年Dynamics CRM/Business Solutions方面 ...

  8. 更好地使用Atom支持基于Jupyter的Python开发

    有关于使用Atom进行Python开发的网上资料比较少,最近发现使用Atom结合Hydrogen插件进行Python开发,尤其是数据挖掘相关的工作,整体体验要好于Vscode,Vscode虽然说也有连 ...

  9. SSL加速卡调研的原因及背景

    SSL加速卡调研的原因及背景 SSL加速卡调研的原因及背景 网络信息安全已经成为电子商务和网络信息业发展的一个瓶颈,安全套接层(SSL)协议能较好地解决安全处理问题,而SSL加速器有效地提高了网络安全 ...

  10. ethereum/EIPs-1078 Universal login / signup using ENS subdomains

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1078.md eip title author discussions-to status ...

随机推荐

  1. 升级TLS1.3

    初衷:简简单单在网站上挂个单点登录,先在本地跑起来,然后再放到服务器上.然而问题来了: 请求被中止: 未能创建 SSL/TLS 安全通道 简简单单的百度一下,只需要加上这行就可以了~Easy Serv ...

  2. R7-7 调查电视节目受欢迎程度

    R7-7 调查电视节目受欢迎程度 分数 15 全屏浏览题目 切换布局 作者 颜晖 单位 浙大城市学院 某电视台要调查观众对该台8个栏目(设相应栏目编号为1~8)的受欢迎情况,共调查了n位观众(1≤n≤ ...

  3. Java-面向对象基础 this& 重载

    1.this表示当前对象 获取当前对象的属性 使用this调用当前属性 2.重载 如果两个方法的方法名相同,但参数不一致,那么可以说一个方法是另一个方法的重载

  4. XJTUOJ #1193. 表象[弹幕偏执症]

    题目 https://oj.xjtuicpc.com/problem/1193 恋恋天下第一!(然而本菜鸡总是被阿空锤死而根本开不了normal)TAT 思路 挺吓人的一道题,看起来很像是要匹配加字符 ...

  5. 睿爸信奥-【临阵磨枪】练习赛(第二场)- T2

    目录 题面 code 题面 徐老师在[睿爸信奥]里面颇受学生欢迎,有一天校长石老师想要搞个最受欢迎老师投票,徐老师就很想拿到这个奖.假设有 名候选者,有 人参加了投票,与以往不同的是,这次所有得票数超 ...

  6. EIRENE GSM-R编码计划

    Numbering plan overview This appendix provides an overview of the numbering plan as defined in this ...

  7. NIO 缓冲区 ByteBuffer 之黏包和半包

    一.低效率方式 /** * 黏包.半包 */ private static void buffExample2() { /* 网络上传输多条数据给服务器,数据之间使用 \n 分隔. 但由于某种原因(多 ...

  8. centos 7 安装rocketmq 主从

    https://www.cnblogs.com/weianlai/p/14590533.html

  9. 运维权限系统之 OpenLDAP(干货)

    系统环境:CentOS7 一.OpenLDAP 1,开始安装(使用yum源码安装) yum install openldap openldap-servers openldap-clients ##拷 ...

  10. trzcopy

    @echo offcd /d %~dp0setlocal enabledelayedexpansionset aa=伟大的中国!我为你自豪echo 替换前:%aa%echo 替换后:%aa:中国=中华 ...