title | description | ms.custom | ms.date | ms.reviewer | ms.suite | ms.tgt_pltfrm | ms.topic | applies_to | helpviewer_keywords | ms.assetid | author | ms.author | search.audienceType | |||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Implement single sign-on from an ASPX webpage or IFRAME (Developer Guide for Dynamics 365 Customer Engagement (on-premises)) | MicrosoftDocs |
This topic describes how to develop a custom webpage that can make SDK calls to Dynamics 365 Customer Engagement (on-premises) on behalf of the Dynamics 365 Customer Engagement (on-premises) user who is signed in |
03/29/2019 |
pehecke |
article |
|
|
c2b38554-eab9-4793-a2f5-62b7a11d99f7 |
JimDaly |
jdaly |
|
This topic describes how to develop a custom webpage that can make SDK calls to Dynamics 365 Customer Engagement (on-premises) on behalf of the Dynamics 365 Customer Engagement (on-premises) user who is signed in. The typical use of this capability is to write a webpage that is displayed in an inline frame in the Dynamics 365 Customer Engagement (on-premises) web application user interface. That webpage performs its intended operation, for example, providing a store front, while being hosted on a website independent of the site that’s hosting [!INCLUDEpn_crm_shortest]. However, the webpage can perform its operations on behalf of the [!INCLUDEpn_crm_shortest] user who is signed in. The result is seamless integration between a webpage and Dynamics 365 Customer Engagement (on-premises).
This scenario is for a Dynamics 365 Customer Engagement (on-premises) Internet-facing deployment (IFD) where a separate website hosts a custom ASPX webpage that is optionally displayed in an inline frame of the Dynamics 365 Customer Engagement (on-premises) web application. This scenario uses federated claims. Therefore, you’ll have to set up a security token service (STS) server for identity management. You’ll also need a certificate to be used when making Dynamics 365 Customer Engagement (on-premises) and the website relying parties, which established cross-domain trust between these parties.
For more information about how to configure claims and a relying party, see the following topics in Deploying and administering Microsoft Dynamics 365 Customer Engagement (on-premises):
-
Post-Installation and Configuration Guidelines - Configure a Dynamics 365 Customer Engagement (on-premises) Internet-facing deployment (IFD)
-
System requirements and required technologies - Accessing Dynamics 365 Customer Engagement (on-premises) from the Internet - Claims-based authentication and [!INCLUDEpn_ifd_short] requirements
For more information about identity management, see the identity training course.
[!INCLUDEproc_more_information] Walkthrough: Single Sign-on from a Custom Web Page in the [!INCLUDEpn_CRM_2011] SDK.
This scenario is for use with Dynamics 365 Customer Engagement (on-premises) where [!INCLUDEpn_Windows_Azure] hosts a custom webpage that’s optionally displayed in an inline frame of the Dynamics 365 Customer Engagement (on-premises) web application. This scenario uses federated claims, provided by the [!INCLUDEpn_Windows_Live] security token service (STS) server for identity management. You must provide a certificate to be used when making Dynamics 365 Customer Engagement (on-premises) and the [!INCLUDEpn_Windows_Azure] website relying parties, which established cross-domain trust between these parties.
For more information about how to configure a relying party, see the following topic: Secure Azure Web Role ASP.NET Web Application Using Access Control Service v2.0
For more information about identity management, see https://channel9.msdn.com/Learn/Courses/IdentityTrainingCourse
For more information about implementing this scenario including problems you may run into and the workarounds, see these blogs: Dynamics 365 Customer Engagement (on-premises) & Azure: Improving the SSO experience, and Dynamics 365 Customer Engagement (on-premises) & Azure Series.
If you want to enable communication for an inline frame (iframe) that contains content from a different domain, you can use the Window.postMessage
method. This browser method can be used for [!INCLUDEpn_IE_8]. [!INCLUDEtn_Google_Chrome], [!INCLUDEtn_Mozilla_Firefox], and [!INCLUDEtn_Apple_Safari] also support this method. For more information about using postMessage
, see the following blog posts:
Access the Web Services (Authentication) in Dynamics 365 Customer Engagement (on-premises)
Sample: Impersonate Using the ActOnBehalfOf Privilege
Impersonate Another User
Web Resources for Dynamics 365 Customer Engagement (on-premises)
[!INCLUDEfooter-include]