web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / How to migrate from Pa...
Customer experience | Sales, Customer Insights,...
Answered

How to migrate from Passport authentication type to OAuth 2.0

(0) ShareShare
ReportReport
Posted on by stevey2019 22

Hello,

Got this error while attempting to connect to Dynamics CRM 365 OrganizationService:

Error Message: 

System.ServiceModel.FaultException
HResult=0x80131501
Message=An error occurred when processing the security tokens in the message:You are using Ws-Trust authentication which has been deprecated and no longer supported in your environment. Please use OAuth2.0 authentication.
Source=mscorlib
StackTrace:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Xrm.Sdk.IOrganizationService.Create(Entity entity)
at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.CreateCore(Entity entity)
at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.Create(Entity entity)
at Microsoft.Xrm.Client.Services.OrganizationService.<>c__DisplayClassd.<Create>b__c(IOrganizationService s)

Used this "Ws-Trust authentication which has been deprecated and no longer supported in your environment. Please use OAuth2.0 authentication" to search around and the answer was to change the connection string to something like this: 

connectionstring = "AuthType=OAuth;Username=jsmith@contoso.onmicrosoft.com; Password=passcode;Url=contosotest.crm.dynamics.com;AppId=51f81489-12ee-4a9e-aaae-a2591f45987d; RedirectUri=app://58145B91-0C36-4500-8554-080854F2AC97;LoginPrompt=Auto"

But I tried that (substituted with my own secrets) but it still gave me same error.      

Here are the codes to connect:

using Microsoft.Xrm.Client;

....

private readonly CrmConnection _crmServiceConnection;

in the constructor, set:

    _crmServiceConnection  = CrmConnection.Parse(dynamicsConfigurationProvider.ConnectionString);

And the connection is used in 

{
using (var service = new OrganizationService(_crmServiceConnection))
{
var accountId = service.Create(dynamicsAccount);


}
}

I looked up the OrganizationService meta data and it seemed old:

#region Assembly Microsoft.Xrm.Client, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
// C:\Users\.userid\.nuget\packages\microsoft.crmsdk.extensions\7.1.0.1\lib\net45\Microsoft.Xrm.Client.dll
// Decompiled with ICSharpCode.Decompiler 6.1.0.5902
#endregion

Thanks in advance for your help!!

I have the same question (0)
  • Verified answer
    Bipin D365 Profile Picture
    Bipin D365 28,983 Moderator on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    HI,

    You should be using below DLL to connect to crm to fix your issue

    www.nuget.org/.../

    Then use CrmServiceClient to get the service - docs.microsoft.com/.../microsoft.xrm.tooling.connector.crmserviceclient

    Sample code can be found at below github location -

    docs.microsoft.com/.../microsoft.xrm.tooling.connector.crmserviceclient

    docs.microsoft.com/.../authenticate-office365-deprecation

    Make sure you are using .Net framework 4.6.2 for your project.

    Please mark my answer verified if this is helpful!

    Regards,

    Bipin Kumar

    Follow my Blog: xrmdynamicscrm.wordpress.com/

  • stevey2019 Profile Picture
    stevey2019 22 on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    It works! Thanks so much and really appreciate that you provided enough details to make applying solution easy.

    Here were the changes I had to make, following your tips:

    1. Installed the Nuget Microsoft.CrmSdk.XrmTooling.CoreAssembly (I actually already did it by VS2022 UI "Manage Packages for Solution")
    2. Added NS  using Microsoft.Xrm.Tooling.Connector;
    3. Instantiate the CrmServiceClient: _crmServiceClient = new CrmServiceClient(connectionString);
    4. Replace var service = new OrganizationService(_crmServiceConnection) with "service  = _crmServiceClient"
    5. Keep the rest of codes unchanged.

    The keys are:

    • New assembly Microsoft.CrmSdk.XrmTooling.CoreAssembly
    • The connection string must change from using Passport as AuthType to OAuth 
  • stevey2019 Profile Picture
    stevey2019 22 on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    One more question, it seems that I had to use the AppId and RedirectUri from the sample

    AppId=51f81489-12ee-4a9e-aaae-a2591f45987d; RedirectUri=app://58145B91-0C36-4500-8554-080854F2AC97

    When I tried to get my own AppId and RedirectUri in there, I got 401 error in the CrmServiceClient.LastCrmError.

    Why was this? (I got my AppId and RedirectUri from AAD App registrations area, did I miss something?)

    Thanks so much for your help!!

  • Verified answer
    Community Member Profile Picture
    Community Member on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    Hi,

    Please follow the below link you will get your answer yourself.

    docs.microsoft.com/.../authenticate-office365-deprecation

    Please like and subscribe my YouTube channel and follow my blog as well.

    www.youtube.com/watch

    juniorcrmblog.blogspot.com/

    juniorazurecrm.blogspot.com/

    If you have still any doubt please let us know.

    Thanks,

    Arshad

  • Verified answer
    Community Member Profile Picture
    Community Member on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    Hi,

    not being able to login using User ID/Password even if using OAuth: if your tenant and user is configured in Azure Active Directory for conditional access and/or Multi-Factor Authentication is required, you will not be able to use user ID/password flows in a non-interactive form at all. For those situations, you must use a Service Principal user to authenticate with Dataverse.

    To do this, you must first register the application user (Service Principal) in Azure Active Directory.

    You can find out how to do this here.docs.microsoft.com/.../howto-create-service-principal-portal

    During application registration you will need to create that user in Dataverse and grant permissions. Those permissions can either be granted directly or indirectly by adding the application user to a team which has been granted permissions in Dataverse.

    Thanks,

    Arshad

  • stevey2019 Profile Picture
    stevey2019 22 on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    Thanks for answering. Our user is configured for non-interactive format, so I assume the Service Principal is not needed.

    My original question was, why the AppId=51f81489-12ee-4a9e-aaae-a2591f45987d; RedirectUri=app://58145B91-0C36-4500-8554-080854F2AC97 that I got from the public forum work in my Crm connection string:

    working connection string = "Url=mycom.crm.dynamics.com;Username=userid@mycom.com;AuthType=OAuth;AppId=51f81489-12ee-4a9e-aaae-a2591f45987d;LoginPrompt=Never;RedirectUri=app:/.../58145B91-0C36-4500-8554-080854F2AC97"

    But it stopped working if I substituted the AppId and Redirect Uri with my own, which I got from Azure Portal "App registrations". 

    I did read the article you provided, but it still didn't explain why one set of AppId/RedirectUri (from public doc) works and the other doesn't.

  • Verified answer
    Bipin D365 Profile Picture
    Bipin D365 28,983 Moderator on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    HI,

    Have you added Dynamics CRM User_Impersonation permission under API permission in your app?

    8004.CR93.PNG

    Also, check if you have correct Redirect URL in your app and using the same in your connection string.

    Please follow below article to setup app registration for dataverse

    docs.microsoft.com/.../walkthrough-register-app-azure-active-directory

    Please mark my answer verified if this is helpful!

    Regards,

    Bipin Kumar

    Follow my Blog: xrmdynamicscrm.wordpress.com/

  • stevey2019 Profile Picture
    stevey2019 22 on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    Yes, I did 

    pastedimage1649356842223v2.png

    And after I plugged in the AppId and Redirect Uri "">https://www.mycom.com" (I used the Web platform, should it be app:// format?), now I got a different error " System.NullReferenceException
    HResult=0x80004003
    Message=Object reference not set to an instance of an object.
    Source=Microsoft.Xrm.Tooling.Connector
    StackTrace:
    at Microsoft.Xrm.Tooling.Connector.CrmServiceClient.Create(Entity entity)"

  • Verified answer
    Bipin D365 Profile Picture
    Bipin D365 28,983 Moderator on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    Hi,

    Yes, it should be in app:\\app client I'd format

    You should add redirect uri under mobile platform instead of web.

    Thanks,

    Bipin

  • stevey2019 Profile Picture
    stevey2019 22 on at
    RE: How to migrate from Passport authentication type to OAuth 2.0

    Tried app://app (client id) format and added the Redirect Uri from Mobile platform, and got this error underneath:

    LastCrmError = "ERROR REQUESTING Token FROM THE Authentication context - General ADAL Error\r\nAADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.\r\nTrace ID: 98a287df-ec39-4da4-8a93-24a7d94a4901\r\nCorrelation ID:...

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Pallavi Phade – Community Spotlight

We are honored to recognize Pallavi Phade as our Community Spotlight honoree for…

Congratulations to the October Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Tom_Gioielli Profile Picture

Tom_Gioielli 152 Super User 2025 Season 2

#2
#ManoVerse Profile Picture

#ManoVerse 103

#3
MVP-Daniyal Khaleel Profile Picture

MVP-Daniyal Khaleel 74

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans