web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / CRM Online Web API Err...
Microsoft Dynamics CRM (Archived)

CRM Online Web API Error 401 : Unauthorized : Access is denied

(3) ShareShare
ReportReport
Posted on by Community Member

Hi All,


I have been trying to test the CRM Online Web API, to verify if it could be a good solution for my PHP public web site to input data into CRM.

The goal here is to create a new Contact in CRM whenever an (unidentified) user submits a form in the web site.

For testing purposes, I am using REST/JSON requests sent via Postman to try to achieve this.

I went through a lot of pain to register my web site in Azure AD, and to post a JSON request to login.microsoftonline.com/<my_tenant_id>/oauth2/token that would allow me to get an access token, by the "client_credentials" method.

I am finally able to get tokens that look quite good :

{
  "token_type": "Bearer",
  "expires_in": "3600",
  "expires_on": "1458152686",
  "not_before": "1458148786",
  "resource": "xxxxxx.crm4.dynamics.com/.../v8.0",
  "access_token": "iOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBPWWlKSE1iYTlnb0VLWSIsImtpZCI6Ik1uQ19WWmNBVGZNNXBPWWlKSE1iYTlnb0VLWSJ9.eyJhdWQiOiJodHRwczovL2tsZWVjcm0uY3JtNC5keW5hbWljcy5jb20vYXBpL2RhdGEvdjguMC8iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8zZDExOTNiNS1iMzNjLTRhOTEtY_ELUUQGw5PF8OSPsFoNh6SPUgnFoqtbHL4dCWnyuLxlbyvMWuQNWotMRJAhQGo7nRmQYSYSHX62XW76ArlqKAvhyXTlhn68ma5ZFx_ohMBGR4_W4FrgNaZC5e7OQ2QNAl8wq33vrzi7OFEjHRHPygt__VB7rCybqBbLIpFZPcZqoiy1johpAEMpgK332VLoH5jBBa5kf39TWI7Y5FlXtQ"
}

I used a token to post a sample JSON request that would create an account to https://xxxxxx.crm4.dynamics.com/api/data/v8.0/accounts but I keep getting a 401 error (Unauthorized : Access is denied").

It looks like the token is good, because if I alter it, I get another error indicating that the token is incorrect.

I have to be close to a solution here but I can't figure it out. What am I missing ?

*This post is locked for comments

I have the same question (0)
  • Abhishek_Sinha Profile Picture
    Abhishek_Sinha 665 on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    Hi,

    can you check below site

    mscrmshop.blogspot.in/.../crm-web-api-and-cors-support.html. Check for webapi and cors support.

    Thanks,

    Abhishek

  • albernhagen Profile Picture
    albernhagen on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    I am also having the same issue.  Does anyone else have any ideas as to what the solution is?

  • Community Member Profile Picture
    Community Member on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    are you able to connect it successfully?, could you list down steps in detail?

  • Inogic Profile Picture
    Inogic 651 on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    Could you please post the function you are using to send the request to CRM. So that we could check it in detail.

    You may refer this blog for more information on WebAPI:

    http://inogic.com/blog/2016/03/programming-using-webapi-through-c-in-dynamics-crm-2016/

    Thanks!

    Sam

  • albernhagen Profile Picture
    albernhagen on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    The post is close to what I did, but that requires interactive auth (i.e. the user must enter their credentials as it runs).  I tried their approach for not using a login prompt and had issues before in my trial instances.  I tried in one of our company's sandbox environments and received a 500 as we are fronted with ADFS for authentication.

  • Community Member Profile Picture
    Community Member on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    -       Instead of creating a Web application association in Azure AD, create a Native one, and get the proper Client ID, and define the appropriate permissions for Dynamics CRM application.

    -       In Postman, create the following request to get the Bearer Token :

    POST /TENANTID/oauth2/token HTTP/1.1
    Host: login.microsoftonline.com
    Cache-Control: no-cache
    Content-Type: application/x-www-form-urlencoded

    client_id=IDFROMAZURE &resource=https%3A%2F%2FXXXX.crm4.dynamics.com&username=XXXXX%40XXXX.onmicrosoft.com&password=XXXX&grant_type=password

    -       Define the client_id with the one generated by Azure AD

    -       Change the grant_type to password

    -       Add the username and password

    -       And using the returned Access_token I was able to do the request properly, for example a GET of Accounts :

    GET /api/data/v8.0/accounts/ HTTP/1.1
    Host: xxxx.api.crm4.dynamics.com
    Accept: application/json
    OData-Version: 4.0
    Authorization: Bearer <Token received>
    Cache-Control: no-cache

    -    

    Hope this helps sort this out.

    Joao Rodrigues

  • albernhagen Profile Picture
    albernhagen on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    I'm in a little different situation where I'm using C# with the Microsoft.IdentityModel package to manage authentication.  I tried defining my application within Azure as a native app, but since my CRM instance is protected by ADFS auth, I still got errors during token acquisition.  Any ideas?

    te.processhost.managed.exe Error: 0 : 5/5/2016 2:09:31 AM: 4e87feef-7546-4bbc-a60d-e910c39ff935 - <RunAsync>d__0: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: Federated service at my.adfs.com/.../usernamemixed returned error: ID3242: The security token could not be authenticated or authorized. ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
  • Community Member Profile Picture
    Community Member on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    Did you already took a Fiddler trace when running the app ? You will get an idea of where it is hitting.

    Then let's us know your findings.

    Br-

    Joao

  • albernhagen Profile Picture
    albernhagen on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    Hey Joao,

    Yes, I did.  Using the aforementioned libraries, I see a GET to login.windows.net/common/UserRealm/userid@company.com?api-version=1.0.  This returns a 200.  After that, there is a GET followed by a POST to our ADFS instance, the second of which returns the 500.  This doesn't match exactly what you're seeing above, though.  I'll try making the direct HTTP calls as opposed to using Microsoft's framework and see what happens.

    Thanks!

  • albernhagen Profile Picture
    albernhagen on at
    RE: CRM Online Web API Error 401 : Unauthorized : Access is denied

    Doing the manual API calls, I was able to successfully authenticate without an interactive prompt.  Thanks for the helpful information!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Abhilash Warrier – Community Spotlight

We are honored to recognize Abhilash Warrier as our Community Spotlight honoree for…

Congratulations to the September Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
HR-09070029-0 Profile Picture

HR-09070029-0 2

#1
UllrSki Profile Picture

UllrSki 2

#3
ED-30091530-0 Profile Picture

ED-30091530-0 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans