Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Calling an Active dire...
Microsoft Dynamics CRM (Archived)

Calling an Active directory authenticated Web API using Ajax in CRM Portal

(0) ShareShare
ReportReport
Posted on by Sumit Bharti 10

I have deployed a Web API to Azure App service and I secured it with active directory authentication. I need to call this Web API On-Change of a field in my portal i.e. CRM Portal. (My CRM portal also allows only Active directory authenticated users to log in.) The way I have thought is I will do an Ajax call On-Change of the field to get the response. However I am unable to get the token itself. I am using adal.min.js as a library for supporting active directory authentication. I am easily able to get the response when calling a No Authentication Web API this way.

What should I be doing to get the response from an AD authenticated API from JQuery AJAX call in CRM Portal?

*This post is locked for comments

  • Sumit Bharti Profile Picture
    Sumit Bharti 10 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Hello Emad.

    As i remember we were able to solve this by enabling cors as explained in the document here

    docs.microsoft.com/.../enabling-cross-origin-requests-in-web-api 

    Also, we enabled CORS from the azure app service configuration where the api is deployed.

    Another way if you are doing it from CRM, you can perform the operation server side like by calling api from a task or a workflow.

    Hope this helps.

  • Emad AlSous Profile Picture
    Emad AlSous 20 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Hello Sumit,

    Were you able to find a solution for your issue?

    Best regards,

    Emad

  • Sumit Bharti Profile Picture
    Sumit Bharti 10 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Thanks Shaminder -

    I believe will have to change the CORS setting of the endpoint login.microsoftonline.com to allow access from my origin application, which clearly I cannot do from here.

    There is one more thing I have read - I can change "oauth2AllowImplicitFlow" setting of my AD application and some modifications in access but doesn't seems to work for me either. I will keep trying to look up for something that resolves this issue.

    Thanks for your help.

    - Sumit Bharti

  • Shaminderpal Singh Profile Picture
    Shaminderpal Singh 1,565 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Sumit,

    Related to my earlier remark got it wrong that you are doing it in crm.

    When you create a portal there is an azure web app created for the same.

    Navigate to that web app ,there is a cors settings in it.

    Specify the setting Allow - Origin = *

    -Shaminder

  • Shaminderpal Singh Profile Picture
    Shaminderpal Singh 1,565 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Hi Arpit,

    We can use it if we do the azure ad registration setting , we can call it using oauth2.0

    -Shaminder

  • Suggested answer
    Arpit Shrivastava Profile Picture
    Arpit Shrivastava 7,518 User Group Leader on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Hi Sumit,

    Currently, you can't use WEB API in Microsoft Portal, at least not in a secure way.

    For the webapi you need to authenticate with a CRM user. Within the boundaries for the portal, this is not possible in a secure manner.

    If your requirement is to retrieve the data onchange of field, better to go with Fetch XML(using Liquid Template) or OData Query.

    Hope it helps.

    If my answer helped to resolve your issue, kindly verify it by clicking 'Yes'. It would be helpful to the other community members seeking to resolve a similar issue.

    Cheers

    Arpit

    arpitmscrmhunt.blogspot.in

  • Suggested answer
    Shaminderpal Singh Profile Picture
    Shaminderpal Singh 1,565 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    yup,its because of CORS,just checked this endpoint doesn't support CORS.

    We may need to do it at serverside then.

    Call an action on change of your field via js.

    Pass the field value as input params.

    In that action form a post request  using httpclient,get the token

    and and do a subsequent http request using token.

    Return the web api output as action output.

    -Shaminder

  • Sumit Bharti Profile Picture
    Sumit Bharti 10 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Hi Shaminderpal,

    Thanks for your suggestions. I have made progress here by making a post request to my active directory tenant to get the token first. I am able to get the access token when I am querying through Postman, however when doing ajax call through custom javascript I am getting error as:

    Failed to load login.microsoftonline.com{tenant-id}/OAuth2/Token: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '<CRM Portal Origin URL>' is therefore not allowed access.

    I tried to make the request as datatype = "jsonp" as well, assuming it might be due to cross origin issues, still no luck here.

    Is there anything particular I am missing here?

    Thanks,

    Sumit Bharti

  • Suggested answer
    Shaminderpal Singh Profile Picture
    Shaminderpal Singh 1,565 on at
    RE: Calling an Active directory authenticated Web API using Ajax in CRM Portal

    Hi Sumit,

    Yes,you are right you need to get the token from azure ad to establish the authentication .

    My suggestion is not to use adal.js as it requires user's consent to obtain the token,instead do raw http requests using xmlhttprequest or ajax.

    You can make the first http request as follows using ajax:

    POST:login.microsoftonline.com{tenant-id}/OAuth2/Token

    Content-Type: application/x-www-form-urlencoded

    Body Params

    grant_type=client_credentials

    resource={your app id url}//In this case your api app id url

    client_id=clientid of your api app

    client_secret=clientsecret of your api app

    You will get token in response.

    Add token in header and make the next request.

    -Shaminder

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,269 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,198 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans