locked
Call external ASP.NET WebAPI from Dynamics CRM Ribbon Command Action RRS feed

  • Question

  • Hi,

    Doese anyone was able to call an external ASP.NET WebAPI from customized ribbon command action in Dynamics CRM 2013?

    Please note the the webAPI was hosted on a different server and only windows authentication is enabled

    Thursday, March 10, 2016 9:44 AM

Answers

  • It looks like the issue is authentication, as the only easy to make that work is to have the browser do that:

    • Check the site the web service is in is in the Local Intranet Zone
    • Check 'Automatic logon only in intranet zone' is set - this works for IE and Chrome; Firefox has its own setting
    • Check that the user's AD account has permission on the web service - this is controlled both by the ACL on the file and folder, and by web.config settings

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by Franconia Monday, March 14, 2016 3:57 AM
    Friday, March 11, 2016 12:29 PM
    Moderator

All replies

  • Do you want to access an .aspx page (which will have some user interface), or call a web service (.svc or .asmx typically) ?

    To access an .aspx page you can open it with a Url action like any other page.

    If it's a web service, you'll need some client script to wrap around the call, which you can do as a javascript web resource. However, you may need to address cross-domain scripting issues.

    The authentication depends on the browser settings. If you don't want the users to be prompted for credentials, then you can added the ASP .Net website to the local intranet zone, and use the security setting 'Automatic logon only in intranet zone' - this is a setting in Internet Explorer, that also applies to Chrome


    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    Thursday, March 10, 2016 11:49 AM
    Moderator
  • Hi David,

    Thanks for you reply! Actually, I want to access an external restful web service. I did a test by using the ASP.NET WebAPI sample. I hosted the webserve on my local IIS server and enabled cross domain. If I enable anonymous authentication, I was able to call the web service from a javascript web resource by using following code:

            var serverUrl = "http://localhost/api/products/1";
            $.ajax({
                async: false,
                type: "POST",
                contentType: "application/json; charset=utf-8",
                datatype: "json",
                url: encodeURI(serverUrl),
                beforeSend: function (XMLHttpRequest) {
                    XMLHttpRequest.setRequestHeader("Accept", "application/json");
                },
                success: function (data, textStatus, XmlHttpRequest) {
                    alert(XmlHttpRequest.responseText);
                },
                error: function (XmlHttpRequest, textStatus, errorThrown) {
                    alert(XmlHttpRequest.responseText);
                }
            });

    It is probably because the request is cross domain, CRM send a OPTION request first, than re-send a post request. Anyway, the expected reponse was returned. However if I disable the anonymous authentication, 401 unauthorized error was returned.

    Friday, March 11, 2016 3:52 AM
  • It looks like the issue is authentication, as the only easy to make that work is to have the browser do that:

    • Check the site the web service is in is in the Local Intranet Zone
    • Check 'Automatic logon only in intranet zone' is set - this works for IE and Chrome; Firefox has its own setting
    • Check that the user's AD account has permission on the web service - this is controlled both by the ACL on the file and folder, and by web.config settings

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by Franconia Monday, March 14, 2016 3:57 AM
    Friday, March 11, 2016 12:29 PM
    Moderator
  • Hi David,

    You are right, we need the browser do the authentication. As a workaround, I hosted an intermediate service on the same server of CRM. With the same code in prevoious post, the browser attached the user credential's token automatically in request header. Thanks for your help!

    Monday, March 14, 2016 3:57 AM