提供令牌的 Dynamics CRM 401

Question

I'm working on a dynamics crm integration for a Single-Tenant Server-to-server authentication. This is required to obtain tokens invisibly as the data will be used to create customer facing ui.

Therefore I'm getting a token back from Azure using the client_credentials grant type. However when I attempt to use this token to access any dynamics endpoint (such as those documented here: https://msdn.microsoft.com/en-us/library/mt607871.aspx ) All I get back is a 401 - access denied.

I've done the following:

• Create an Azure application

• Created and stored a key

• Enabled permissions for Dynamics CRM online

I've seen some suggestion that I need a service user in the CRM itself to provide access, however when I try and create one the options described do not appear. (such as here: https://msdn.microsoft.com/en-us/library/mt790170.aspx#bkmk_ManuallyCreateUser )

Can you suggest any steps I might be missing here?

Heres a sample call using the token

{ method: 'GET',
url: 'https://<snip>/api/data/v8.2/accounts?$select=name&$top=3',
headers:
{ Authorization: 'Bearer <snip>',
Accept: 'application/json',
'OData-MaxVersion': '4.0',
'OData-Version': '4.0' }
}

EDIT: Please note that I am using node.js here and C# / .net based answers are probably not going to be massively helpful

Answer 1

Here is a post on how to configure server to server auth . Assuming you ran through all the steps except creating the application user, you can do so by:

1. In CRM Navigate to Settings->Security->Users
2. Change the view from "Enabled Users" to "Application Users"
3. From the new user form change the form from "User" to "Application User".

You should now be able to create your application user.