web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Dynamics 365 general forum / Dynamics Portals: Exte...
Dynamics 365 general forum

Dynamics Portals: External identity username

(0) ShareShare
ReportReport
Posted on by anilambadan 1,160

Hi

I'm trying to integrate Azure AD as external identity with Dynamics portal. When an external ID is authenticated and logged on to the Portal for the first time, dynamics creates a new Contact record and associates it with the external ID.

What I notice is that the external identity username is some form of encrypted hash which must be based on the Azure AD account somehow.

I want to automate the creation of contacts but have no idea how this external identity username is derived.

I want to do this association programmatically. But no idea how to get the username from AD to associate it with contact. Please see the screen shot below.

external.PNG

I have the same question (0)
  • MyCRMBlog Profile Picture
    MyCRMBlog 150 on at

    Hi,

    Did you get any inputs on this. Any information would be helpful. Thank you.

    Regards,

    Santhi

  • Micchael Profile Picture
    Micchael 390 on at

    Hi Anil and MyCrmBlog,

    You can utilize Azure AD Graph API get information about the user object.

    docs.microsoft.com/.../active-directory-graph-api

    The "Username"(adx_identity_username) in Contact you reference in the screenshot is not a real username but a reference to External Identity (adx_externalidentity) entity.

    Try in AdvancedFind to find "external identity.User Name" == value of "contact.adx_identity_username".

    It's usually a guid.  What kind of identity provider configured in Azure?

    The external identity user name is an object id.

    This object id allows to call Azure Graph Api to find a user object.

    Cheers and easy coding.

  • MyCRMBlog Profile Picture
    MyCRMBlog 150 on at

    Hi Michael,

    Thank you for inputs. My scenarios is like below in Dynamics 365 portal:

    - Using ADFS OpenID integration for authentication

    - User who will use portal are pre-loaded as contacts in CRM

    - Was trying to find out how to set this external identity record value during load itself so that user when they connect to portal uses the loaded contact record without creating a new record.

    object_id i don't find it in the SAML response received from the ADFS.

    Could you please direct. 

  • MyCRMBlog Profile Picture
    MyCRMBlog 150 on at

    Hi ,

    Any inputs on how to handle the below scenario.

  • Micchael Profile Picture
    Micchael 390 on at

    Hi blog,

    About this issue:

    " Was trying to find out how to set this external identity record value during load itself so that user when they connect to portal uses the loaded contact record without creating a new record.

    object_id i don't find it in the SAML response received from the ADFS."

    The external identity references to user object in AD. 

    To make it right you need first create user objects in AD using Graph API and Power Shell (AD admin credentials are required).

    Then while the load set the reference as "contact.adx_identity_username" = userobject.id

    Some links about Graf API:

    https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet 

    https://developer.microsoft.com/en-us/graph/blogs/30daysmsgraph-day-1-why-you-should-learn-the-microsoft-graph/ 

    https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-user-migration 

  • Stanley Lai Profile Picture
    Stanley Lai 295 on at

    Hi Michael,

    We are experiencing same issue whereby we need to pre load the contacts and have the sign up/sign in process detect the existing CRM contact and update it. It doesn't look the the original poster is on Azure AD B2C -  just authenticating through OpenID.

    The user name for the external identity record in this case is a hash value as opposed to an object ID GUID.

    external-id.PNG

    It doesn't look like we can retrieve this value using Graph API as I don't know what this field relates to. Obviously in Azure AD B2C all external identity records have user name as objectid therefore we are able to query these values using Microsoft Graph.

    As far as what the OP is trying to retrieve this not possible without using Azure AD B2C..

  • Suggested answer
    KatTitus92 Profile Picture
    KatTitus92 15 on at

    For anyone looking at this after January 2023 - here is the Power Pages answer to this question. community.dynamics.com/.../identity-strategy-for-power-pages

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

November Spotlight Star - Khushbu Rajvi

Congratulations to a top community star!

Forum Structure Changes Coming on 11/8!

In our never-ending quest to help the Dynamics 365 Community members get answers faster …

Dynamics 365 Community Platform update – Oct 28

Welcome to the next edition of the Community Platform Update. This is a status …

Leaderboard > Dynamics 365 general

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans