locked
CRM 2011: support of external uses in HTML + JavaScript + REST RRS feed

  • Question

  • Hi all!

    I have a HTML web resource which uses JS and REST queries for accessing to CRM.

    Now I have to support external users.

    The plan is to create a IIS website, create ASPX page and authenticate by one concrete user (credentials are in web.config). But it will give me opportunity only to perform queries to CRM server from our server, but not from client JavaScript.

    Is there a way to perform REST queries from JavaScript on client side (using authentication of the user mentioned above)?

    Tuesday, August 7, 2012 11:28 AM

Answers

  • Hi Alexander,

    The REST endpoint is only supported for calls from HTML Webresources within CRM. This is due to the authentication model being cookie based. 

    I think the current road map includes OAuth 2.0 (https://twitter.com/ken_heiman/status/182130607642517504) - but there is no definite date for this yet.

    hth,

    Scott


    Scott Durow
    Read my blog: www.develop1.net/public
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"

    Tuesday, August 7, 2012 1:48 PM
    Answerer
  • The answer is: yes, it is leal, there is no need in extenal connector license here
    Friday, August 17, 2012 11:55 AM

All replies

  • Hi Alexander,

    The REST endpoint is only supported for calls from HTML Webresources within CRM. This is due to the authentication model being cookie based. 

    I think the current road map includes OAuth 2.0 (https://twitter.com/ken_heiman/status/182130607642517504) - but there is no definite date for this yet.

    hth,

    Scott


    Scott Durow
    Read my blog: www.develop1.net/public
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"

    Tuesday, August 7, 2012 1:48 PM
    Answerer
  • Thank you, Scott.
    Tuesday, August 7, 2012 2:36 PM
  • If you use the approach documented here http://technet.microsoft.com/en-us/library/gg509057.aspx my theory was that once you get authenticated on the page you would also have the right cookies in place on your site to be able to also get proper access from JS. I haven't tried that part yet though.
    Tuesday, August 7, 2012 9:13 PM
  • Thanks you, Ken, I'll try and let you know the results.
    Wednesday, August 8, 2012 3:16 PM
  • Well, I've forgotten about HTML+JS and just would like to create an ASPX page which will be allowed for many users and uses only one user account for retrieving data from CRM server.

    we've run the SDK sample which is  located in the SampleCode\CS\GeneralProgramming\Authentication\IFDSingleSignOn folder. For it we've implemented all the instructions given in the "Walkthrough: Single Sign-on from a Custom Web Page": http://msdn.microsoft.com/en-us/library/gg509057

    As I understand it's needed in case when we embed ASPX IFRame into MS Dynamics CRM website we can execute this code on behalf on another user, but still we should be a CRM user.

    But my task is more simple (see the first line). If I create the website (with anonymous authentication) which will be calling CRM services on behalf on some user account and do not configure all these ADFS/STS/other stuff ... will it be legal? Do I need to have special license for it?

    Thursday, August 16, 2012 8:49 AM
  • The answer is: yes, it is leal, there is no need in extenal connector license here
    Friday, August 17, 2012 11:55 AM