Asked by:
CRM Web API using C#, Authentication issue

Question
-
Hi,
I am trying to register my application with Azure so that I can use webapi for my application, but there is a issue.
I am following below mentioned steps
- Create a new Active Directory on Microsoft Azure
- Navigate to the directory and select the tab ‘Applications’
- Add a new (click on the ‘Add’ button on the command bar)
- Select the option ‘Add an application my organization is developing’
- Provide a name to the application and select ‘Native Client Application’
- Provide a redirect URL, which for the purposes of this tutorial can be the URL to your Dynamics CRM Online organization
- Navigate to the newly created application and select the tab ‘Configure’
- Save the Client ID string. The application must identify itself by using this code
- Find the ‘Permissions to Other Applications’ section and add a new application
- Select ‘Dynamics CRM Online’ and save
- Back to the screen with the ‘Permissions to Other Applications’, add the delegate permission ‘Access CRM Online as organization users’
But coming to 10th point , I am unable to find Dynamic CRM Online in list of application.
Can any one help me please?
Regards
Prashanth
Thanks Regards Prashanth Kamasamudram Even the least work done for others awakens the power within; even thinking the least good of others gradually instills into the heart the strength of a lion.
- Edited by Prashanth Kamasamudram Tuesday, March 22, 2016 1:03 PM
Tuesday, March 22, 2016 9:23 AM
All replies
-
Finally I am able to select the Dynamic CRM Online for Permissions to Other Applications and saved it and selected delegate permission "Access CRM online as organization users'. But when I run my console application I am getting exception.
Following is the code which I got from https://community.dynamics.com/crm/b/jasonlattimersblog/archive/2015/11/20/crm-web-api-using-c
Author : Jason Lattimer
//Azure Application Client ID private const string _clientId = "ab000000-4000-5000-0000-000000000000"; // Azure Application REPLY URL - can be anything here but it must be registered ahead of time private const string _redirectUrl = "https://organization.api.crm5.dynamics.com/api/data/v8.0/"; //CRM URL private const string _serviceUrl = "https://organization.api.crm5.dynamics.com"; //O365 used for authentication w/o login prompt private const string _username = "user@organization.onmicrosoft.com"; private const string _password = "password$"; //Azure Directory OAUTH 2.0 AUTHORIZATION ENDPOINT private const string _authority = "https://login.microsoftonline.com/00000000-0000-1111-2222-123456789123/oauth2/authorize"; private static AuthenticationResult _authResult; static void Main(string[] args) { try { AuthenticationContext authContext = new AuthenticationContext(_authority, false); //Prompt for credentials _authResult = authContext.AcquireToken( _serviceUrl, _clientId, new Uri(_redirectUrl)); //No prompt for credentials //UserCredential credentials = new UserCredential(_username, _password); //_authResult = authContext.AcquireToken( // _serviceUrl, _clientId, credentials); Task.WaitAll(Task.Run(async () => await DoWork())); }catch(Exception ex) { Console.WriteLine(ex.Message); } }
I am getting exception
Exception :
AADSTS65001: The user or administrator has not consented to use the application with ID '00000000-4fb0-4b37-a8ee-000000000000'. Send an interactive authorization request for this user and resource.
Trace ID: 0000000-aa64-48fc-8594-000000000000
Correlation ID: 00000000-69a3-4dca-88e0-000000000000
Timestamp: 2016-03-22 12:23:56ZInner Exception : The remote server returned an error: (400) Bad Request.
Can any one help me with this?
Thanks Regards Prashanth Kamasamudram Even the least work done for others awakens the power within; even thinking the least good of others gradually instills into the heart the strength of a lion.
- Edited by Prashanth Kamasamudram Tuesday, March 22, 2016 12:32 PM Link added
Tuesday, March 22, 2016 12:28 PM -
I encountered something similar.
The cause for me was because my CRM instance/Office 365 was a trial. Because of this it wasn't tied to my organisation's AAD instance/Office 365 tenant.
I fixed it in two steps:
1. Signed out of all websites that used my organisation Office 365 tenant
2. Transplanted the necessary code to a WinForms app
3. Modified the AcquireToken code like this (note the PromptBehaviour change). This caused a login dialog to pop-up and enabled me to log in to my Trial Office 365 tenant and authorise the application as that account:
public AuthenticationResult AcquireToken() { return _context.AcquireToken(_config.ServiceUrl, _config.ClientId, new Uri(_config.RedirectUrl), PromptBehavior.RefreshSession); }
There may be a better way, but this worked
Wednesday, September 21, 2016 11:12 AM