How do I authenticate my (desktop) user to a local Outlook exchange server using EWS when posting a Service Request without manually inputting my network credentials via the NetworkCredential class? is this only possible via Office365 online (Non desktop)?
Related
I am trying to follow this post to let my web application authenticate with ADFS before calling CRM.
Apache CXF client for claims-mode xRM (Microsoft Dynamics CRM 2011)?
I am not sure what kind of user I should create in ADFS in order to access CRM. What is the proper permission or user roles?
Also UserNameWSTrustBinding_IWSTrust13Async policy uses this endpoint https://yourcompany.com/adfs/services/trust/13/UsernameMixed
Do I need to disable this endpoint to make my app work? It was mentioned here the endpoint needs to be disabled.
https://community.dynamics.com/crm/f/microsoft-dynamics-crm-forum/144495/the-authentication-endpoint-username-was-not-found-on-the-configured-secure-token-service
I am currently in the process of trying to get the data from Dynamics CRM (Office 365 - E5) using the Web API query method like api.crm.dynamics.com/api/data/v8.2/accounts?$select=accountid,name,new_gl_exp,new_autol_exp
I will include this api within the external application (Developed using HTML & Javascript) & hosted in on-premises IIS
I have done the basic setting in both CRM & Azure and got the token after logged it in login.microsoft.com
Questions
How can we get authenticate without enter the username & password in the login.microsoftonline.com
Is there way to bypass this login (like passing client,tenet, client secret id as parameter to login.microsoft.com) or any REST API?
We are using separate login for application so we will have to use two login
Application login
login.microsoft.com for Dynamics CRM
Web API authentication patterns
There are three different ways to manage authentication when using the Web API.
With JavaScript in web resources
When you use the Web API with JavaScript within HTML web resources, form scripts, or ribbon commands you don’t need to include any code for authentication. In each of these cases the user is already authenticated by the application and authentication is managed by the application.
With on-premises deployments
When you use the Web API for on-premises deployments you must include the user’s network credentials. The following example is a C# function that will return an HttpClient configured for a given user’s network credentials:
private HttpClient getNewHttpClient(string userName,string password,string domainName, string webAPIBaseAddress)
{
HttpClient client = new HttpClient(new HttpClientHandler() { Credentials = new NetworkCredential(userName, password, domainName) });
client.BaseAddress = new Uri(webAPIBaseAddress);
client.Timeout = new TimeSpan(0, 2, 0);
return client;
}
With Microsoft Dynamics 365 (online) or internet facing deployments
When you use the Web API for Dynamics 365 (online) or an on-premises Internet-facing deployment (IFD) you must use OAuth as described in Connect to Microsoft Dynamics 365 web services using OAuth.
If you’re creating a single page application (SPA) using JavaScript you can use the adal.js library as described in Use OAuth with Cross-Origin Resource Sharing to connect a Single Page Application to Microsoft Dynamics 365.
https://msdn.microsoft.com/en-us/library/mt595798.aspx
I want to access Microsoft Dynamics 365 online.
It is the first time I am working with this tool.
I want to access this through API.
I have gone through the following links :
Link 1
Link 2
It shows that AUTHORIZATION_URL or clientid or tokenendpoint
are needed.
I have a simple MSD 365, I only have username and password with me.
So I am not able to understand how to connect to MSD 365.
My simple question is, is it possible to access/connect using username and password?
Or is it mandatory to have all these details?
If you are planning to use Dynamics CRM 365 web api inside CRM context like Javascript web resource then no need.
If planning to use it in any external app (developed using nodejs, python) then need to register App in Azure AD to get App client Id and get login token for accessing web api.
Second link example uses adal.js to get token directly using username & password without clientid.
I'm able to authenticate with live.com with my account on outlook.com at url
https://login.microsoftonline.com/common/v2.0
I receive an accessToken and id token.
My question is whether I can use this accessToken to retrieve exchange data about my emails through EWS API service using this token? ExchangeService.
_exchangeService = new ExchangeService(ExchangeVersion.Exchange2007_SP1) { ConnectionGroupName = Guid.NewGuid().ToString() };
_exchangeService.Credentials = new WebCredentials("xxxxxxx", "xxxxxxxx", "outlook.com");
// _credentials = new OAuthCredentials(user.PasswordToken);
// Set the URL.
_exchangeService.TraceEnabled = true;
_exchangeService.AutodiscoverUrl("xxxxx")
Authenticate to Outlook 365 through the ExchangeService.asmx in the following URL for exchange service as done in the following sample.
> https://outlook.office365.com/EWS/Exchange.asmx
My question is whether I can retrieve email data from exchange service ASMX with the idToken/accessToken supplied from live.com for outlook.com accounts?
It seems like the retrieving of data with EWS Managed API is not supported with outlook.com accounts.
you can read (in the yellow section) about it here and also here.
Basically, there are 2 portals today that apps can be created with:
Application Registration portal
Azure management portal
It states that for these reasons outlook.com accounts are not supported:
New app registrations should be created and managed in the new Application Registration Portal to be compatible with Outlook.com. This means that if you have an app that was created thru Azure Management Portal it will not be supported with outlook.com and the token will not work with outlook.com accounts.
Existing app registrations that were created in the the Azure Management Portal will continue to work for Office 365 only
Also if you created your app with Application Registration Portal The REST API is currently enabled on all Office 365 accounts that have Exchange Online and only some Outlook.com accounts. this means it is not guaranteed to all outlook.com accounts because they haven't migrated all of them (yet).
Microsoft accounts with Outlook.com mailboxes (including Outlook.com, Hotmail.com, Live.com, MSN.com, and Passport.com) are in the process of being upgraded to enable the REST APIs. During this process, making API calls to mailboxes that are not yet upgraded will return a MailboxNotEnabledForRESTAPI or MailboxNotSupportedForRESTAPI error code.
I believe EWS still works for Outlook.com accounts with BASIC(username,password) auth. We used to use it before migrating to Graph API. You'd need to ask your Outlook users to generate a special App Password though.
To simplify your Exchange/Outlook integrations check out Aurinko API
Whether OutlookSDK at dev.outlook.com could access Office365 user data (calendars, contacts, mail)?
How's about Microsoft Graph API, could them be able access live.com users? (calendars, contacts, tasks, mail)?
I'm curious at this point, want to know what SDK is best for accessing both live.com user data and Office365 user data.
I already try Microsoft Graph API iOS SDK to authenticate Live Id user, but couldn't success, only able to authenticate Office365 user
OutlookSDK as well, unable to authenticate Office365 user, only able to authenticate Live ID
Thanks.
Carefully take a look at the instructions here: https://dev.outlook.com/RestGettingStarted/Overview
To write an app against both Office 365 and outlook.com you will need to register your application in the new application registration portal here: https://apps.dev.microsoft.com/Disambiguation?ru=https%3a%2f%2fapps.dev.microsoft.com%2f
Additionally you will need to make sure that your Outlook.com account has been upgraded to the new service. If it has not, then you will need to follow the instructions to request an account in the preview service from: outlookdev#microsoft.com or create a new account which should automatically be provisioned in the new service.
Yes - You can use Outlook APIs to access mail, calendars, and contacts for Office 365 users and Outlook.com
Also, You can use the Microsoft Graph API to access fixed entities like users, groups, mail, messages, calendars, tasks, and notes coming from services like Outlook, OneDrive, Azure Active Directory, Planner, OneNote and others.
I suggest using O365 APIs to do Live id user authentication - https://msdn.microsoft.com/en-us/office/office365/api/
Check this link as well: http://dev.office.com/getting-started/office365apis