Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Architect the Solution...
Microsoft Dynamics CRM (Archived)

Architect the Solution right

(0) ShareShare
ReportReport
Posted on by Community Member Microsoft Employee

Hello Everyone,


Before jumping to what problem I am facing first I will walk through what I am currently trying to achieve.
 I have RESTful web service running and it is used by my Android, iOS and web application, now I am trying to integrate my solution into Dynamics CRM. I want to reuse my RESTful web services to fetch all the analytic that is already stored in some backend database server, my RESTful web service need to authenticate with CRM that user who is requesting data is actually a valid user (means when requesting data user is actually a user he/she claims to be).

Currently I have solution for SalesForce which users access token which I can actually get from the SalesForce application inside SalesForce and not out side api request. Then I send that access token to my RESTful web service, RESTful web services calls verification services on SalesForce on the same user id and checks if access token is valid. Then request is served based on the result of the validation.


Now I am planning to implement similar solution for Dynamics CRM but some how I am not able to get the access token of the currently logged in user in online Dynamics CRM 2016 using JavaScript or C#.

Can anyone guide me in right direction to either get the access token or Authenticate a currently logged in user of CRM from my RESTful web services.

Thanks,

Ramnivas Indani

*This post is locked for comments

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Architect the Solution right

    Thanks for sharing Yadnyesh, I am using online 2016 version. Will this OAuth work for customization inside CRM online 2016. How to use redirectURL and how to pass callback to OAuth through customization?

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Architect the Solution right

    Thanks for sharing Yadnyesh, I am using online 2016 version. Will this OAuth work for customization inside CRM online 2016. How to use redirectURL and how to pass callback to OAuth through customizations?

  • Suggested answer
    Yadnyesh Kuvalekar Profile Picture
    Yadnyesh Kuvalekar 4,102 on at
    RE: Architect the Solution right

    Hi Ramnivas,

    Which CRM version you are using? Post CRM 2016 versions, using Web API you can authenticate user using a token issued through azure AD.

    [View:https://msdn.microsoft.com/en-in/library/gg327838.aspx]

    For older versions, we have implemented our own mechanism to issue a token where user used to enter login details on a page and using code we used to issue a session id.

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Architect the Solution right

    Considered your solution but using only UserId violates our security model and it is form of verification and not validation. I was looking for something to do verification that requesting user to REST api is a legit user.

    If you have any other suggestions please consider sharing it, it can be a very good architecture for those who have whole solution implemented outside of CRM.

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Architect the Solution right

    Thank you for your reply, The problem with only using userId is we can never be sure if user actually logged in or it is a request made by someone who got hold of the userId somehow. 

    Authentication with access token validation or any sort of validation that makes sure that the user is actually logged in and using this access token right now. Usually access tokens are short lived so even if someone gets hold of userId and access token it can not be used forever like in the case of userId.

    I appreciate you reply and would consider this. 

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Architect the Solution right

    I think you can take similar aproach with what you are doing with the Salesforce solution.

    From javascript you cant take the current logged user GUID by using function

    Xrm.Page.context.getUserId();


    You can read here https://msdn.microsoft.com/en-us/library/gg334511.aspx#BKMK_getuserid

    And if you want to do it with C# you can get current user Id with

    context.UserId;


    You can read here https://msdn.microsoft.com/en-us/library/microsoft.xrm.sdk.ipluginexecutioncontext.aspx

    Send this Id when calling your RESTful web service and then from your web service you make a call to CRM services to verify if an user with this Id exist.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,253 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,188 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans