Dynamics Community Forum Thread Details

I am trying to create an external application utilizing some of the RetailServer functionalities. C1 authorization is mandatory in my scenario. What is worth noting is that no customers or users will have access to this application it will be used as a form of automation only.

What I've done so far was:

1) Adding an application in Azure Active Directory.

2) Adding Identity Provider with clientId and secret from point 1) to D365.

3) Adding application in D365 in Azure Active Directory applications form with user that has full system access.

4) Creating a test method for fetching an existing cart from RetailServer.

Code:

AuthenticationContext authenticationContext = new AuthenticationContext(tenantAuthority, false);
AuthenticationResult authResult = null;
authResult = await authenticationContext.AcquireTokenAsync(retailserverAddress, new ClientCredential(clientID, clientSecret));
ClientCredentialsToken clientCredentialsToken = new ClientCredentialsToken(authResult.AccessToken);
Microsoft.Dynamics.Commerce.RetailProxy.RetailServerContext retailServerContext = Microsoft.Dynamics.Commerce.RetailProxy.RetailServerContext.Create(new Uri(retailserverAddress + "/Commerce"), OUN, clientCredentialsToken);
Microsoft.Dynamics.Commerce.RetailProxy.ManagerFactory managerFactory;
managerFactory = Microsoft.Dynamics.Commerce.RetailProxy.ManagerFactory.Create(retailServerContext);
Microsoft.Dynamics.Commerce.RetailProxy.ICartManager cartManagerTest = managerFactory.GetManager<Microsoft.Dynamics.Commerce.RetailProxy.ICartManager>();
Microsoft.Dynamics.Commerce.RetailProxy.Cart cartFromProxy = await cartManagerTest.Read(cartWithLine.Id);

What is important is that I do not want to extend or modify CRT/RS/D365 code. Is there any way to achive this?

Right now all my calls seem to be made as anonymous and therefore fail to be executed even when Azure Active Directory application user has full access.

Error:

An exception of type: 'Microsoft.Dynamics.Commerce.Runtime.UserAuthorizationException' occurred while executing Microsoft.Dynamics.Commerce.Runtime.Services.Messages.CheckAccessServiceRequest request by Microsoft.Dynamics.Commerce.Runtime.Services.UserAuthenticationService. Error resource id: 'Microsoft_Dynamics_Commerce_Runtime_AuthorizationFailed', Exception: Microsoft.Dynamics.Commerce.Runtime.UserAuthorizationException: Assigned role is not allowed to perform this operation.
   at Microsoft.Dynamics.Commerce.Runtime.Services.CommerceAuthorization.CheckAccess(ICommercePrincipal principal, RetailOperation operationId, RequestContext context, String[] allowedRoles, Boolean deviceTokenRequired, Boolean nonDrawerOperationCheckRequired)
   at Microsoft.Dynamics.Commerce.Runtime.Services.UserAuthenticationService.CheckAccess(CheckAccessServiceRequest request)
   at Microsoft.Dynamics.Commerce.Runtime.Services.UserAuthenticationService.Execute(Request request)
   at Microsoft.Dynamics.Commerce.Runtime.CommerceRuntime.Execute[TResponse](Request request, RequestContext context, IRequestHandler handler, Boolean skipRequestTriggers).

I would greatly appreciate any help as I refuse to believe that this is impossible.

Categories:

Online Channel

Point-of-sale Functionality

Development and Customization

Data Synchronization and Offline Database