What I want to achieve : We are creating a custom web application, in which we are using azure active directory b2c as identity provider for our clients. So client register there and login into our web app.
But whoever does a signup in b2c is already a contact in our dynamics 365.
My Question is how do I associate b2c signup with existing contact record in dynamics 365.
Let me explain what I have tried so far.
Created an invitation through crm UI (manually). Contact is getting email of invitation in which we customized template ( included our web app url with invitation code automatically generated in it ) .
how to redeem code and that should link/associate/create an external identity.
Please refer to screen shot. I want to achieve like this. But this was done manually (as we can see in the screenshot that external identity is linked to contact. If I login with 'Stark Ned' external identity then my app knows which contact in crm it is tied to)
Any help is appreciated.
Thanks in advance
Related
I have Google Identity Platform setup for my app.
My app is also using Zoho Desk.
I want to use the Zoho Desk ASAP widget to display the help widget on my site. To automatically login my users (stored on the Google Identity Platform) into the Zoho Desk widget I need to setup SAML SSO User Authentication inside Zoho Desk.
These are the settings Zoho Desk asks for when setting up SAML SSO:
Remote Login URL
Remote Logout URL
Public Key (Provide Public Key in .txt or .pem extension file)
Algorithm (RSA or DSA)
Entity ID (Issuer)
But I have no idea where to find these details within the Google Identity Platform.
Inside Google Identity Platform I tried clicking "New identity provider" and choosing "SAML", but I can't find any of those details. In fact it seems they're asking for similar things.
I have a bot running on a hosting page where users are logged in using SSO.
I want to authenticate the user in the bot automatically when the bot starts and I do not want to use anAuthCard to do it. Just want to automatically authenticate the user without prompting anything to him, just using SSO.
I found an article that refers three ways to authenticate an user in the bot:
Sharing the client's user token directly with the bot via ChannelData
Using an OAuthCard to drive a sign-in experience to any OAuth provider
A third option, called Single Sign-On (SSO), that is in development.
And, according to the article my situation is:
WebChat in an authenticated website where the user is already signed in and the website has a token to the same identity provider but to a different app that the bot needs -> in the future, this is single sign-on, but for now you 'll need to use an OAuthCard.
Is there any update about this functionality? How can I authenticate the user into the bot without using an OAuthCard or a SigninCard?
Thanks in advance
Not sure if you have tried the option of using WebChat with Azure Bot Service’s Authentication which provides built-in authentication capability to authenticate chat users with various identity providers such AAD, GitHub, Facebook, etc.
If you are looking for this built-in feature, then probably you need to build your own custom built solution using Google sign-in by passing the token ID of the authenticated users. Or for an Account linking OAuth2 solution as explained in this link: How to implement Login in Dialogflow chatbot.
Microsoft guys Are looking at the issue now. you can track the progress here.
I implemented a solution that worked for me. I have the bot running in a .net core web app
Here's what I did:
Generate an userId before initializing the BotApp
When the user clicks on the button to open the webchat, I'm opening an authenticated controller in a popup that receives the generated userId. The page is authenticated, so you will need to authenticate. I store the userId in my DB, along with access_token and some user information. The controller should be created in the same webapp where the bot is running.
After storing all the information I close the tab and start the BotApp with the generated userId
In bot code you will be able to query your DB (using userId).
To wait until the popup close, you can have a look into this here.
I hope that this helps someone.
Best regards
I have developed a endpoint to be used for an skype bot but I have not hosted it in Azure so in order to be use skype channel I need registered it using Azure Bot Service (Bot Channels Registration). I did it but when I try create a App Password for that then Azure redirect me to Application Page and show me this message (In the image the message appears in Spanish but this is the translation):
The application no longer exists or is not associated with your
account.
I have tried clear the cache of my browser and try using private tab too but nothing happens.
The application no longer exists, or is not associated with your account.
Based on my test, if I login to Application Registration Portal using the account that is not used to create Bot Channels Registration bot service, I get same message. Please check the account you are using to login to Application Registration Portal and make sure that account is same one you used to create your Bot Channels Registration bot service.
Besides, please check if others know your account and delete that app. You can also try to create another Bot Channels Registration bot service and check if same issue appears.
This could be the account issue. But this does happen if you even create the new one. But what I do think is that there may be some sort of problem with the App Registration portal, or to be specific the link between the app registration portal API that generates auto id and password so if you are using the auto create Microsoft App ID and Password you would face this issue. But if you will do that manually from the App registration portal and use that in your bot channel or web app bot it should work fine. Hope that help.
Whether OutlookSDK at dev.outlook.com could access Office365 user data (calendars, contacts, mail)?
How's about Microsoft Graph API, could them be able access live.com users? (calendars, contacts, tasks, mail)?
I'm curious at this point, want to know what SDK is best for accessing both live.com user data and Office365 user data.
I already try Microsoft Graph API iOS SDK to authenticate Live Id user, but couldn't success, only able to authenticate Office365 user
OutlookSDK as well, unable to authenticate Office365 user, only able to authenticate Live ID
Thanks.
Carefully take a look at the instructions here: https://dev.outlook.com/RestGettingStarted/Overview
To write an app against both Office 365 and outlook.com you will need to register your application in the new application registration portal here: https://apps.dev.microsoft.com/Disambiguation?ru=https%3a%2f%2fapps.dev.microsoft.com%2f
Additionally you will need to make sure that your Outlook.com account has been upgraded to the new service. If it has not, then you will need to follow the instructions to request an account in the preview service from: outlookdev#microsoft.com or create a new account which should automatically be provisioned in the new service.
Yes - You can use Outlook APIs to access mail, calendars, and contacts for Office 365 users and Outlook.com
Also, You can use the Microsoft Graph API to access fixed entities like users, groups, mail, messages, calendars, tasks, and notes coming from services like Outlook, OneDrive, Azure Active Directory, Planner, OneNote and others.
I suggest using O365 APIs to do Live id user authentication - https://msdn.microsoft.com/en-us/office/office365/api/
Check this link as well: http://dev.office.com/getting-started/office365apis
I want to authenticate my mvc application by microsoft. I successfully done with Facbook, Google and Twitter, but when i click on Microsoft then the error `We're unable to complete your request
Microsoft account is experiencing technical problems. Please try again later`
is coming.
I successfully created an app and paste the Client ID and Client Secret in my mvc application . But I do not know the real problem
What is the return URL that you specified for the given Client ID and Client Secret? If the site is not running under that specific URL (e.g. is running under localhost whilst you are in dev mode), you can get this error message.
In my case I had my gmail account configured as my primary Microsoft Live account once I changed this to my Hotmail account as the primary account and then created a new app with a new name Client ID and Secret it started working for me.
The gmail account worked signing in as a gmail user on my app Identity Provider being Google to give some background this is the account I used as my Microsoft Account. I suspect my Microsoft account using my gmail user name and password confused the MS identity Provider thus resulting in the error. So avoid using a different Identity Providers credentials to authenticate with a different Identity provider if testing this. One account per Identity provider not associated to other Identity providers.
Since the Google account had been my primary for the other Identity Providers when I logged into the App as this I as essentially I suspect therefore already logged in with my Microsoft account.
Step 1:-
Open Application Registration Portal of Microsoft [https://apps.dev.microsoft.com] where you have Registered your Application.
You need to make change in Redirect URIs
For example :-
The URI which is Registered
URL:- http://localhost:8000
Change to make in URI :-
Just Add :- [/signin-microsoft] at end of URL It works
URL:- http://localhost:8000/signin-microsoft
Finally save your setting and try again it will work.
In my case, it failed when I used my personal Outlook account to login.
Once I switched to an Office 365 account, it started working.