dynamics-webapi-toolkit icon indicating copy to clipboard operation
dynamics-webapi-toolkit copied to clipboard
verified publisher icon AlexaCRM

OAuth for the Web API

Open lucasstark opened this issue 7 years ago • 7 comments

I'm wondering if OAuth for the Web API can be used here, and if so, any example of how one might get started doing that would be greatly appreciated!

Basically looking for the PHP version of: https://msdn.microsoft.com/en-us/library/gg327838.aspx

Thanks in advance.

lucasstark avatar Sep 10 '18 19:09 lucasstark

@lucasstark you are referring to OAuth client authentication, which is not quite the purpose of the library. While we may add that in the future, in the initial release we primarily target S2S authentication which uses client credentials grant.

However, you can provide your own implementation of OnlineAuthMiddleware implementation with authorisation code grant, which looks like what you're after. You can try using existing third-party libraries, e.g. OAuth2.

HTH George

georged avatar Sep 11 '18 06:09 georged

@georged: May I ask, how much time do you need to implement this feature? From my humble understanding it seems this feature is quite important on business level, if your company uses features like SSO for all internal webapps.

SynedatPranke avatar Apr 26 '19 13:04 SynedatPranke

@SynedatPranke it's not the question of time, it's the question of supply and demand. Yes, it'd be important for SSO however implementations of internal webapps using php is not that common in our experience. (Of course, I'm making a broad assumption that a company specializing in PowerApps / Dynamics 365 / CRM is most likely a .NET shop)

The most common scenario is an externally facing web site in WordPress, Drupal, Joomla that needs access to CDS / Dynamics 365 data. In this scenario S2S authentication is more appropriate. For example, we use the library in the upcoming version of the WordPress plugin (current version uses SOAP toolkit).

georged avatar Apr 28 '19 07:04 georged

I am getting the Message: Metadata request returned a 403 code while fetching record. Can you please suggest what am i missing ? I am connecting with crm like below with my dynamic credentials -

$settings = new \AlexaCRM\WebAPI\OData\OnlineSettings(); $settings->instanceURI = 'https://contoso.crm.dynamics.com'; $settings->applicationID = '00000000-0000-0000-0000-000000000000'; $settings->applicationSecret = 'Application Secret';

$settings->tlsVerifyPeers = false;

$middleware = new \AlexaCRM\WebAPI\OData\OnlineAuthMiddleware( $settings );
$odataClient = new \AlexaCRM\WebAPI\OData\Client( $settings, $middleware );
$client = new \AlexaCRM\WebAPI\Client( $odataClient );

$retrievedContact = $client->Retrieve( 'account', '00000000-0000-0000-0000-000000000000', new \AlexaCRM\Xrm\ColumnSet( true ) );

amanjlucid avatar Feb 10 '21 09:02 amanjlucid

@amanjlucid

  1. have you created an app user in Dataverse and granted that user a role?
  2. If yes then perhaps that role is insufficient to access the account record?

Otherwise I'd suggest wiring up logging to see more details about the error.

georged avatar Feb 10 '21 11:02 georged

Same to me, i did everything stated here

https://docs.microsoft.com/de-DE/powerapps/developer/data-platform/walkthrough-register-app-azure-active-directory

CaptainCannabis avatar Feb 12 '21 22:02 CaptainCannabis

Please start separate issues on the auth issues. This issue is about SSO in AD environments.

georged avatar Feb 12 '21 23:02 georged