There is required authentication before we can utilize the Dynamics CRM 2016 Web API for Microsoft Dynamics CRM Online 2016 Update and Microsoft Dynamics CRM 2016 (on-premise). There are three patterns in Web API Authentication:
With on-premise deployments
When you use the Web API for on-premises deployments you must include the user’s network credentials.
With Microsoft Dynamics CRM Online or internet facing developments
When you use the Web API for CRM Online or an on-premises Internet-facing deployment (IFD) you must use OAuth as described in Connect to Microsoft Dynamics CRM web services using OAuth.
In this case, we will just focus on connecting Microsoft Dynamics CRM web services using OAuth.
Steps to Register CRM Online to Azure Active Directory
- Log on to the Microsoft Azure Management portal with your existing Azure account credentials. You must have an administrator permission. At this point, you can sign in with your existing Azure account with or without Office 365 subscription.
- Click Active Directory on the left column of the page. Click the target tenant directory in the directory list and go to step 9. Otherwise, proceed to the next steps.
- At the bottom of the screen on the New menu, select App Services > Active Directory > Directory > Custom Create.
- In Add directory, select Use existing directory in the Directory drop-down selection.
- Check I am ready to be signed out, and then click on the check mark at the lower right corner.
- This brings you back to the Azure Management Portal. Log in with your Office 365 account information. Please note that in order to associate your Office 365 account with Azure AD, you’ll need an Office 365 business account with global administrator privileges.
- Select continue, and then Sign out now.
- Close the browser and reopen the portal. Log on again with your existing Azure credentials. Go to Active Directory and your Office 365 account should now be visible.
- Upon clicking the target tenant directory, navigate to Applications tab. You should see the subscribed applications (including Dynamics CRM Online) that are already included with the Office 365 account you have associated with the Azure account.
- At the bottom of the screen, click Add. A prompt will show, then select the option Add an application my organization is developing.
- When prompted, enter a name for your application, pick a type: Web Application or Native Client Application, and then click the right arrow to continue. Click a question mark (?) for more information on the appropriate values for each input field. In this example, we will just choose Native Client Application.
- Set value for Redirect URI – The URI to which Microsoft Azure AD will redirect in response to an OAuth 2.0 request. The value does not need to be a physical endpoint, but must be a valid URI.
- This will now create the native client application to be used for consuming Web API.
- Navigate to Configure tab and go to Permissions to other Applications. Click the Add Application button.
- Click the Dynamics CRM Online application to add in the list. Click check button.
- Upon adding CRM application, click the dropdown and check the Access CRM Online as organization users.
- Click Save button to apply the changes.
Before you can use OAuth authentication to connect with the CRM web services, your application must first be registered with Microsoft Azure Active Directory. Azure Active Directory is used to verify that your application is permitted access to the business data stored in a CRM tenant.
In order to test whether the steps you followed are working, use the ClientID generated upon creation of the CRM Application in Azure.
Upon executing the code, you should now be able to access and utilize the Dynamics CRM WebAPI.