Check out the latest features available in Dynamics 365 for Customer Engagement, including LinkedIn Connect, Voice of the Customer and Universal Resource Scheduling.
Dynamics 365 2019 release wave 2 plan Discover the latest updates to Dynamics 365.Release Plan | Weekly Deployment Notes
Ace your Dynamics 365 deployment with packaged services delivered by expert consultants.Explore service offerings
Connect with the ISV success team on the latest roadmap, developer tool for AppSource certification, and ISV community engagements.
ISV self-service portal
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Program | Finance and Operations TechTalks | Customer Engagement TechTalks | Talent TechTalks
For a typical setup of a Dynamics 365 Online instance, authentication is done against Azure Active Directory using OAuth2.0 as an authentication method with an access bearer token issued.
But occasionally we come across Dynamics 365 Online instance setup against ADFS which involves a two-step process before an access SAML bearer token is issued.
Here are the steps required to authenticate with ADFS using User Credentials.
The User Realm endpoint for any Dynamics CRM 365 Online instance would be https://login.windows.net/common/UserRealm/<username>?api-version=1.0
HTTP GET Request:
The ADFS Service endpoint would be <federation_active_auth_url> from the JSON response in previous step but replacing 2005 with 13. In this example the endpoint would be https://sso.magtest.com/adfs/services/trust/13/usernamemixed
The body content of the HTTP Request will contain the following SOAP Request
HTTP POST Request:
The Token URL endpoint for any Dynamics CRM 365 Online instances would be https://login.microsoftonline.com/common/oauth2/token
The body content of the HTTP Request will contain the following and will be URL encoded
From HTTP Response in step 4,extract out the string value of the access token key which will be the SAML bearer token.
Set the Authorization header value of the HTTP OData request to be Bearer <access token>. We can now execute queries against the Web API as shown below.
Business Applications communities