locked
CRM Web API using C#, Authentication issue RRS feed

  • Question

  • Hi,

       I am trying to register my application with Azure so that I can use webapi for my application, but there is a issue.

      I am following below mentioned steps

    1. Create a new Active Directory on Microsoft Azure
    2. Navigate to the directory and select the tab ‘Applications’
    3. Add a new (click on the ‘Add’ button on the command bar)
    4. Select the option ‘Add an application my organization is developing’
    5. Provide a name to the application and select ‘Native Client Application’
    6. Provide a redirect URL, which for the purposes of this tutorial can be the URL to your Dynamics CRM Online organization
    7. Navigate to the newly created application and select the tab ‘Configure’
    8. Save the Client ID string. The application must identify itself by using this code
    9. Find the ‘Permissions to Other Applications’ section and add a new application
    10. Select ‘Dynamics CRM Online’ and save
    11. Back to the screen with the ‘Permissions to Other Applications’, add the delegate permission ‘Access CRM Online as organization users’

    But  coming to 10th point , I am unable to find Dynamic CRM Online  in list of application.

    Can any one help me please?

    Regards

    Prashanth


    Thanks Regards Prashanth Kamasamudram Even the least work done for others awakens the power within; even thinking the least good of others gradually instills into the heart the strength of a lion.


    Tuesday, March 22, 2016 9:23 AM

All replies

  • Finally I am able to select the Dynamic CRM Online  for Permissions to Other Applications and saved it and selected delegate permission "Access CRM online as organization users'. But when I run my console application I am getting exception.

    Following is the code which I got from https://community.dynamics.com/crm/b/jasonlattimersblog/archive/2015/11/20/crm-web-api-using-c

    Author : Jason Lattimer

    //Azure Application Client ID
    		private const string _clientId = "ab000000-4000-5000-0000-000000000000";
    		// Azure Application REPLY URL - can be anything here but it must be registered ahead of time
    		private const string _redirectUrl = "https://organization.api.crm5.dynamics.com/api/data/v8.0/";
    		//CRM URL
    		private const string _serviceUrl = "https://organization.api.crm5.dynamics.com";
    		//O365 used for authentication w/o login prompt
    		private const string _username = "user@organization.onmicrosoft.com";
    		private const string _password = "password$";
            //Azure Directory OAUTH 2.0 AUTHORIZATION ENDPOINT  
            private const string _authority = "https://login.microsoftonline.com/00000000-0000-1111-2222-123456789123/oauth2/authorize";
            
    
            private static AuthenticationResult _authResult;
    
    		static void Main(string[] args)
    		{
    
                try {
                    AuthenticationContext authContext =
                        new AuthenticationContext(_authority, false);
    
                    //Prompt for credentials
                    _authResult = authContext.AcquireToken(
                        _serviceUrl, _clientId, new Uri(_redirectUrl));
    
                    //No prompt for credentials
    
                    //UserCredential credentials = new UserCredential(_username, _password);
                    //_authResult = authContext.AcquireToken(
                    //    _serviceUrl, _clientId, credentials);
    
                    Task.WaitAll(Task.Run(async () => await DoWork()));
                }catch(Exception ex)
                {
                    Console.WriteLine(ex.Message);
    
    
                }
    		}

    I am getting exception 

    Exception : 

    AADSTS65001: The user or administrator has not consented to use the application with ID '00000000-4fb0-4b37-a8ee-000000000000'. Send an interactive authorization request for this user and resource.
    Trace ID: 0000000-aa64-48fc-8594-000000000000
    Correlation ID: 00000000-69a3-4dca-88e0-000000000000
    Timestamp: 2016-03-22 12:23:56Z

    Inner Exception : The remote server returned an error: (400) Bad Request.

    Can any one help me with this? 


    Thanks Regards Prashanth Kamasamudram Even the least work done for others awakens the power within; even thinking the least good of others gradually instills into the heart the strength of a lion.



    Tuesday, March 22, 2016 12:28 PM
  • I encountered something similar.

    The cause for me was because my CRM instance/Office 365 was a trial. Because of this it wasn't tied to my organisation's AAD instance/Office 365 tenant.

    I fixed it in two steps:

    1. Signed out of all websites that used my organisation Office 365 tenant

    2. Transplanted the necessary code to a WinForms app

    3. Modified the AcquireToken code like this (note the PromptBehaviour change). This caused a login dialog to pop-up and enabled me to log in to my Trial Office 365 tenant and authorise the application as that account:

         
            public AuthenticationResult AcquireToken()
            {
                return _context.AcquireToken(_config.ServiceUrl, _config.ClientId, new Uri(_config.RedirectUrl),
                    PromptBehavior.RefreshSession);
            }

    There may be a better way, but this worked




    Wednesday, September 21, 2016 11:12 AM