web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / How to use OAuth beare...
Customer experience | Sales, Customer Insights,...
Unanswered

How to use OAuth bearer token in SOAP request / SOAP Body ?

(0) ShareShare
ReportReport
Posted on by malik1126 32

Currently I am using the structure <EncryptedData..<EncryptedKey>...</EncryptedKey>...<CipherData>...</CipherData>..</EncryptedData> in the SOAP API for interacting with dynamics crm SOAP URI. (POST <Execute.. request)

Now since WS-TRUST authentication is going to deprecate, and only OAuth authentication is there which return bearer key. 

Can some one help me how we can use Bearer token with soap body?
or is there any other authentication from which we can get <EncryptedData..<EncryptedKey>. ?

I have the same question (0)
  • Tiago Lourenco Profile Picture
    Tiago Lourenco on at

    Hello Malik, 

    I'm not sure if I totally understand your question but it seems that you already have access to a bearer token, and you want to use it in a SOAP request, if so:

    To perform the OAuth authentication, you need to pass the OAuth access token along with the request. In SOAP web services, the OAuth access token can be passed in a SOAP Header inside the SOAP envelope or in the Authorization HTTP header of a request.

    In ReadyAPI, there is no built-in option to add the OAuth authorization to a SOAP request since the OAuth authorization is rarely used with SOAP web services. But, you can use the following workaround which allows you to pass the access token in the HTTP Authorization header:

    1. Add a REST request of the POST type.
    2. Add the OAuth Authorization for the request: https://support.smartbear.com/readyapi/docs/projects/requests/auth/profile/request.html
    3. Select the application/xml Media Type in the Content Editor: https://support.smartbear.com/readyapi/docs/projects/ui/request/request/vertical/rest.html
    4. Add your SOAP request XML as the payload.

    As a result, you will get a request with the OAuth access token and the SOAP request content:

    pastedimage1601289571322v2.png

  • Shubham Profile Picture
    Shubham 65 on at

    Hi  Lourenco,

    In the soap request body, what should be the tag name for Oauth access token instead of this structure

    <o:Security xmlns:o="docs.oasis-open.org/.../oasis-200401-wss-wssecurity-secext-1.0.xsd"><u:Timestamp u:Id="_0">

            <u:Created></u:Created>

                           <u:Expires></u:Expires>

    </u:Timestamp>

    <EncryptedData Type="...">

                           <EncryptedKey>

                           </EncryptedKey>

                           </ds:KeyInfo>

                          <CipherData>

                            <CipherValue></CipherValue>

                          </CipherData>

                         </EncryptedData>

    </o:Security>

    Also, if I am adding it in the Authorization HTTP header of a request, then receiving this error - An error occurred when verifying security for the message<500 Internal Server Error>

  • David Krasny Profile Picture
    David Krasny 10 on at

    Hello. Did you solve that issue?

  • Navi Cheema Profile Picture
    Navi Cheema 10 on at

    Hi

    I am facing the same issue. I have the authorization token, I am also getting "An error occurred when verifying security for the message". Were you able to solve this issue?

  • Navi Cheema Profile Picture
    Navi Cheema 10 on at

    Is there any update on this issue? I could really use some help.

  • David Krasny Profile Picture
    David Krasny 10 on at

    I couldn't find any solution, how to use OAuth with SOAP. So I had to rewrite the whole application to their new Web API (docs.microsoft.com/.../query-data-web-api). It took me a lot of time, but I think, it is the only solution right now. It is really inconvinient, that they are deprecated that authorization out of nowhere and didn't provided a reasonable solution.

  • Abdul Malik Profile Picture
    Abdul Malik 5 on at

    There is one hack to do that. You can remove the secure body from the soap body and add pass bearer key as a Authorization header.

    For that you need to convert your soap body to soap 1.1. (namespace should be "schemas.xmlsoap.org/.../")

  • ritesh2406 Profile Picture
    ritesh2406 10 on at

    Hi Abdul , can you please expand on how to change the request to SOAP 1.1.  Did this solution worked for you to get around WS-trust deprecation.

  • ritesh2406 Profile Picture
    ritesh2406 10 on at

    Hi Tiago, I as suggested in the example i have sent the soap envelop as Post request body and authorization code and soap action in the header. I can see a response from MSdynamcis server as key for the created record. But when i don't see the record in MSDynamcis portal under "Lead" category. Any pointer on what could be the issue.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Tom_Gioielli Profile Picture

Tom_Gioielli 83 Super User 2025 Season 2

#2
Gerardo Rentería García Profile Picture

Gerardo Rentería Ga... 49 Most Valuable Professional

#3
#ManoVerse Profile Picture

#ManoVerse 40

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans