I would like to build a simple web site where a customer can place orders and view products. This data is my Microsoft Dynamics CRM 2011 Environment.
This data is customer specific, so i need information about the user which is logged in. User credentials are stored in CRM 2011. With these credentials users may login to this new custom website. They should not have access to the crm environment itself.
How should i setup authentication for this web site? Can i just query the user information in crm 2011, should I setup a ADFS application or something else?
The CRM Authentication Token is an encrypted alphanumeric string required to authenticate your Zoho CRM credentials. It is used to integrate your CRM account with third-party software and services.
Dynamics 365 Customer Engagement (on-premises) support three security models for authentication: claims-based authentication, Active Directory authentication, and OAuth 2.0 (IFD only).
Outlook Client Configuration To navigate to these options within Outlook, select File and then select CRM, and then Options. In the window that displays, click on the Email tab. Check the box that will check email in Outlook and an and determine that the email should be linked and saved as a CRM record.
Signing in to https://office.com Select the Dynamics 365 apps tile to go to the Dynamics 365 home page. If you're a system administrator, you'll see an Admin tile.
We just implemented something similar for a client of mine. We had around 5000 users that needed to be able to view and edit CRM data, but we didn't want to pay for the full CRM user licenses since the data they needed to update / view was rather small. All of the users were already in Active Directory, so we purchased Employee Self Service Client Access License (ESS CAL) licenses for each of the users. This type of user license doesn't have access to the CRM UI, so they could never actually log into CRM itself.
We used AD authentication on the website, with an app pool user that was a CRM super user account. On the initial load of the users's session, we grabbed the username from the context, and looked up the SystemUserId of the user in CRM, then used impersonation with the Service Proxy to only access and update the data that the user was allowed to. It worked really well.
One approach would be to create a set of system users (potentially, a single one might suffice) with access rights to the information that a certain set of web site users are supposed to have accessible.
Then, on your server hosting the web application, you could assign a role to each of the logged in visitors (that way, a certain system user instance in CRM will correspond to a role for a set of your visitors).
The login procedure against the web site is really up to you. The connection between the application and the CRM servers is, I believe, most securely set if you keep them on the same physical machine, if that works for your particular set up.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With