具有客户端凭据OAuth流程的Dynamics CRM 2016 Online Rest API [英] Dynamics CRM 2016 Online Rest API with client credentials OAuth flow

查看:108
本文介绍了具有客户端凭据OAuth流程的Dynamics CRM 2016 Online Rest API的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试通过Dynamics CRM 2016 Online和Azure Active Directory进行身份验证。我能够按照这里的所有步骤进行操作:

I'm trying to authenticate with Dynamics CRM 2016 Online and Azure Active Directory. I was able to follow all the steps here:

https://msdn.microsoft.com/zh-cn/library/mt622431.aspx

https://msdn.microsoft.com/en-us/library/gg327838.aspx

,但是这些步骤演示了如何设置用户名身份验证流程。我想使用客户端凭证流。我在Azure AD中创建了一个新应用程序-一个Web应用程序。我有一个客户端ID和一个应用程序密钥,并且设置了Dynamics CRM Online的权限。我能够获取访问令牌,但是在随后的调用中会出现以下错误:

but these steps demonstrate how to set-up username authentication flow. I would like to use the client credentials flow. I created a new app in Azure AD - a web application. I have a client ID and an app key and I set-up the permissions for Dynamics CRM Online. I'm able to get the access token, but on subsequent calls I get this error:


HTTP错误401-未经授权:访问被拒绝

HTTP Error 401 - Unauthorized: Access is denied

我错过了一步吗?有人知道某处的帖子提供了如何使该流程正常工作的详细信息吗?

Is there a step I missed? Does anybody know of a post somewhere that provides details on how to get this flow working?

这是我的代码:

        string clientId = "<client id>";
        string appKey = "<app key>";

        // Get the authority and resource URL at runtime
        AuthenticationParameters ap = AuthenticationParameters.CreateFromResourceUrlAsync(new Uri("https://<org address>/api/data/")).Result;
        String authorityUrl = ap.Authority;
        String resourceUrl = ap.Resource;

        // Authenticate the registered application with Azure Active Directory.
        AuthenticationContext authContext = new AuthenticationContext(authorityUrl);
        ClientCredential clientCredential = new ClientCredential(clientId, appKey);

        AuthenticationResult result = authContext.AcquireToken(resourceUrl, clientCredential);

        HttpClient client = new HttpClient();
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
        HttpResponseMessage response = client.GetAsync("https://<org address>/api/data/v8.1/EntityDefinitions").Result;


推荐答案

您需要添加应用程序用户并分配CRM中的自定义安全角色。在 https://stackoverflow.com/a/48554845/3799784

You need to add an "Application user" and assign a custom Security Role in CRM. See my answer in https://stackoverflow.com/a/48554845/3799784

这篇关于具有客户端凭据OAuth流程的Dynamics CRM 2016 Online Rest API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆