web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Dynamics 365 Portal OD...
Microsoft Dynamics CRM (Archived)

Dynamics 365 Portal OData Feed Security Issue

(0) ShareShare
ReportReport
Posted on by Community Member

Hi, 

I set up the entity list for contact and enable the odata feed. That I can use the odata feed link to get the contact list data directly. However, it seems any one can get the data by the odata feed, anyone can give me the idea to control only the authentication user can use the odata feed to get the authenticated records?

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    Shahbaaz Ansari Profile Picture
    Shahbaaz Ansari 6,211 on at

    Hi,

    Please check below link,

    community.dynamics.com/.../configuring-odata-feed-for-entity-list-in-portal-in-dynamics-365

    Best Regards,

    Shahbaaz

  • Tyler Page Profile Picture
    Tyler Page 80 on at

    Hi Chin,

    Did you ever find a solution to this? I am having the same issue.

    -Tyler

  • Suggested answer
    Arpit Shrivastava Profile Picture
    Arpit Shrivastava 7,518 User Group Leader on at

    Hi,

    Currently there is no mechanism in Microsoft Portal to enable OData Feeds for only Authenticated Users. It's anonymous.

    The best way to provide security to OData Feeds is Liquid Template.

    You can write Liquid Code/Fetch XML to retrieve the data from CRM and return the JSON in response. Now you can use that JSON on multiple webpages in order to retrieve the CRM data in secured manner.

    Check this article:

    colinvermander.com/.../dynamics-365-portals-use-liquid-to-return-json-or-xml

    If found useful, please mark the answer as verified.

    Cheers

    Arpit

    arpitmscrmhunt.blogspot.com

  • Suggested answer
    Arpit Shrivastava Profile Picture
    Arpit Shrivastava 7,518 User Group Leader on at

    In Dynamics 365 Portal, Enable Entity Permission on Entity List (made for enabling OData). And associate Authenticated User web role to that respective entity's entity permission.

    By doing this only authenticated user would be able to access the CRM data using Odata.

    Cheers

    Arpit

  • WaseemM Profile Picture
    WaseemM 10 on at

    Is this working? can you post a step by stem guide as i'm not able to make it work, maybe i'm doing something wrong.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans