walkthrough-register-app-active-directory.md

File metadata and controls

122 lines (82 loc) · 6.54 KB
title: Walkthrough: Register a Dynamics 365 Customer Engagement app with Active Directory (Developer Guide for Dynamics 365 Customer Engagement (on-premises))| MicrosoftDocs
description: This walkthrough describes how to register an application with Azure Active Directory so that it can connect to the Dynamics 365 Server, authenticate using OAuth, and access the web services
ms.custom:
ms.date: 03/29/2019
ms.reviewer: pehecke
ms.suite:
ms.tgt_pltfrm:
ms.topic: article
applies_to:
  • Dynamics 365 Customer Engagement (on-premises)
helpviewer_keywords:
  • mobile, modern
  • register, registration
  • app
ms.assetid: dd48aa30-7b05-4b15-a039-ff6522da8613
caps.latest.revision: 57
author: JimDaly
ms.author: jdaly
search.audienceType:
  • developer

Walkthrough: Register a Dynamics 365 Customer Engagement app with Active Directory

This walkthrough describes how to register a desktop client or mobile application so that it can connect to and authenticate with the Dynamics 365 Server and access the Web services. Once registered, an application can access the Web services using HTTP requests with the Web API or by the SDK API for .NET.


Prerequisites

For an on-premises or Internet-facing deployment (IFD):

  • A Windows Server 2012 R2 server with AD FS.

  • You must have administrator access to the server hosting the Dynamics 365 Customer Engagement (on-premises) deployment services role and the AD FS server.

  • The on-premises server must be configured to use claims authentication.

  • The redirect URI for your application. Instructions for finding that URI are provided in the section named Obtain the redirect URI.

Obtain the redirect URI

One method to obtain the redirect URI for a native client Windows application is to execute the following line of code in a debug session of your application and examine the returned URI value. In a WinJS debug session, select the RawUri property.

C#:

    string redirectUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri().ToString();

Visual Basic:

    Dim redirectUri As String = WebAuthenticationBroker.GetCurrentApplicationCallbackUri().ToString()

JavaScript (WinJS):

    Windows.Security.Authentication.Web.WebAuthenticationBroker.getCurrentApplicationCallbackUri()

The WebAuthenticationBroker class can be found in the Windows.Security.Authentication.Web namespace. Use the string value returned from the method call when you register the app.

For a non-Windows native client application such as a console application, use any valid URI value. In this case, the URI doesn't need to actually exist, but it must be unique in the tenant.

App registration for Dynamics 365 Customer Engagement (on-premises) (IFD)

Scenario: A customer or other person registers a custom application to access organization data on a Dynamics 365 server provided by an ISV or Partner.

The ISV or Partner performs the following tasks:

  1. Configures the Dynamics 365 on-premises (IFD) server and AD FS server using PowerShell commands that are provided later in this section.

  2. Provides the client ID and server address URL information to the customer.

The customer or other person performs the following tasks:

  1. Configures the external application by entering the client ID and server address URL in the app as instructed.

Dynamics 365 Server setup

To configure the Dynamics 365 server to enable federated claims, follow these steps.

Configure claims settings
  1. Log on as administrator on the Dynamics 365 server that hosts the deployment service role and open a PowerShell command window.

  2. Add the Dynamics 365 PowerShell snap-in (Microsoft.Crm.PowerShell.dll). More information: Administer the deployment using Windows PowerShell

    Add-PSSnapin Microsoft.Crm.PowerShell  
  3. Enter the following PowerShell commands.

    $ClaimsSettings = Get-CrmSetting -SettingType OAuthClaimsSettings  
    $ClaimsSettings.Enabled = $true  
    Set-CrmSetting -Setting $ClaimsSettings  
    

AD FS server setup

To register the external application with AD FS, follow these steps.

Register the application in Active Directory
  1. Log on to the AD FS server as administrator and open a PowerShell command window.

  2. Enter the following command.

    Add-AdfsClient -ClientId <CLIENT_ID> -Name <APP_NAME> -RedirectUri <REDIRECT_URI>  

    Where <CLIENT_ID> is a unique number, <APP_NAME> is a name for the application, and <REDIRECT_URI> is any valid URI that AD FS is to redirect to after authentication has completed. It is recommended that the client ID be a GUID. You can generate a GUID in Visual Studio by opening the Tools menu and clicking Create GUID.
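
The registration step above, as an added example that is not part of the original walkthrough: it generates the GUID client ID in PowerShell, checks that the redirect URI is an absolute URI not already held by another AD FS client, registers the client, and reads the registration back. The application name and redirect URI are placeholder values to replace with your own.

```powershell
# Added example: run in an elevated PowerShell window on the AD FS server.
# $AppName and $RedirectUri are hypothetical placeholder values.
$AppName     = 'Contoso CRM Console Client'
$RedirectUri = 'https://contoso.example/crm-console'

# The redirect URI must parse as an absolute URI; reject anything else
# before it reaches the AD FS configuration.
$parsed = $null
if (-not [System.Uri]::TryCreate($RedirectUri, [System.UriKind]::Absolute, [ref]$parsed)) {
    throw "Redirect URI '$RedirectUri' is not an absolute URI."
}

# The walkthrough requires the redirect URI to be unique. Refuse to reuse
# a name or redirect URI that an existing client registration already holds.
$existing = Get-AdfsClient | Where-Object {
    $_.Name -eq $AppName -or $_.RedirectUri -contains $RedirectUri
}
if ($existing) {
    throw "An AD FS client already uses this name or redirect URI: $($existing.Name -join ', ')"
}

# Generate the recommended GUID client ID without opening Visual Studio.
$ClientId = [guid]::NewGuid().ToString()

Add-AdfsClient -ClientId $ClientId -Name $AppName -RedirectUri $RedirectUri

# Read the registration back to confirm exactly what AD FS stored, and
# record the client ID that has to be handed to the customer.
Get-AdfsClient -ClientId $ClientId |
    Select-Object Name, ClientId, RedirectUri, Enabled
```

Running `Get-AdfsClient` with no parameters at any later point lists every registered client with its redirect URIs, which is a quick way to review registrations that are no longer needed.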

See also

Adding, Updating, and Removing an Application
Authenticate Users with Dynamics 365 Customer Engagement (on-premises)
