具有客户端凭据OAuth流程的Dynamics CRM 2016 Online Rest API [英] Dynamics CRM 2016 Online Rest API with client credentials OAuth flow
问题描述
我正在尝试通过Dynamics CRM 2016 Online和Azure Active Directory进行身份验证。我能够按照这里的所有步骤进行操作:
I'm trying to authenticate with Dynamics CRM 2016 Online and Azure Active Directory. I was able to follow all the steps here:
https://msdn.microsoft.com/zh-cn/library/mt622431.aspx
和
https://msdn.microsoft.com/en-us/library/gg327838.aspx
,但是这些步骤演示了如何设置用户名身份验证流程。我想使用客户端凭证流。我在Azure AD中创建了一个新应用程序-一个Web应用程序。我有一个客户端ID和一个应用程序密钥,并且设置了Dynamics CRM Online的权限。我能够获取访问令牌,但是在随后的调用中会出现以下错误:
but these steps demonstrate how to set-up username authentication flow. I would like to use the client credentials flow. I created a new app in Azure AD - a web application. I have a client ID and an app key and I set-up the permissions for Dynamics CRM Online. I'm able to get the access token, but on subsequent calls I get this error:
HTTP错误401-未经授权:访问被拒绝
HTTP Error 401 - Unauthorized: Access is denied
我错过了一步吗?有人知道某处的帖子提供了如何使该流程正常工作的详细信息吗?
Is there a step I missed? Does anybody know of a post somewhere that provides details on how to get this flow working?
这是我的代码:
string clientId = "<client id>";
string appKey = "<app key>";
// Get the authority and resource URL at runtime
AuthenticationParameters ap = AuthenticationParameters.CreateFromResourceUrlAsync(new Uri("https://<org address>/api/data/")).Result;
String authorityUrl = ap.Authority;
String resourceUrl = ap.Resource;
// Authenticate the registered application with Azure Active Directory.
AuthenticationContext authContext = new AuthenticationContext(authorityUrl);
ClientCredential clientCredential = new ClientCredential(clientId, appKey);
AuthenticationResult result = authContext.AcquireToken(resourceUrl, clientCredential);
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
HttpResponseMessage response = client.GetAsync("https://<org address>/api/data/v8.1/EntityDefinitions").Result;
推荐答案
您需要添加应用程序用户并分配CRM中的自定义安全角色。在 https://stackoverflow.com/a/48554845/3799784
You need to add an "Application user" and assign a custom Security Role in CRM. See my answer in https://stackoverflow.com/a/48554845/3799784
这篇关于具有客户端凭据OAuth流程的Dynamics CRM 2016 Online Rest API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!