Here's the scenario:
We have a non-Internet Facing Deployment on-premises CRM 2016 installation.
We need to get some of our data looked up via an outside organization, but we don't want to make it an internet-facing system, nor set up the SQL server to be queried directly. My solution is to build an API in the AWS API Gateway that can query the CRM server, transform the data and then pass it on as JSON to the outside organization.
I have built out the Web API query internally within Postman, and it is working. However, I am unable to get Amazon's API Gateway to authorize correctly. What's the best way for AWS to get authorized if OAuth is not an option? Also, is there a way to do an API key for CRM instead of typical authentication methods for Windows/AD? I will be allowing the API Gateway past our firewall.
I would highly suggest exploring the Scribe video and solution. Scribe Online is an entirely separate product and experience from Scribe Workbench. The event paradigm that they offer is exactly what you are trying to accomplish and could probably be completed within hours. I only work with D365 online presently. I used to work with on-premise environments, but it has been about five years since then. I am sorry I cannot be of further help. Good luck!
Yeah, I have already read that API document, and it had no information about NTLM authorization nor authorization with headers or anything like that. We use Scribe internally. Also, we have a few VPCs already.
The purpose of this whole thing is to put a barrier between the API of our CRM deployment and the organization that needs to have a lookup API, so having AWS do the lifting seems like a great solution. It just seems like CRM does not play well as far as APIs go. Also, it keeps people off of our network machines.
docs.microsoft.com/.../authenticate-web-api
This article explains pretty well that with on-premise environments you must use network credentials in order to access the services.
You might want to look into setting up a VPC with AWS in order to obtain and connect with network credentials. That might work for you. I don't know 100% of the details involved, but really for this situation you must access the service within the network.
Here is some stuff on AWS VPC: https://aws.amazon.com/vpc/
An alternative could be using a 3rd party service such as Scribe Online that would run its own service on an internal machine and provide a method for you to get to the same result without having to do anything with AWS. Scribe Online has a feature called events that provide an endpoint and return results you configure based off your data/queries. It might reduce a lot of post-processing once you get your data situation solved.
Here is a video on Scribe (now TIBCO) events. You will probably understand it as it is pretty straightforward. Know that they have an installable agent that you can run inside your network and it will access the CRM data, providing a gateway to their cloud platform to then expose in an API: https://youtu.be/3c_8gdODY8A