How to connect to CRM using SDK (claims based authentication and custom STS)

lazarus picture lazarus · Aug 6, 2012 · Viewed 11.6k times · Source

I configured claims based authentication on my CRM instance. I'm using custom STS (Example available here) Now I want to access to web services from some test application. Does anyone have some example for this? I tried with same code for connection in case of windows auth. but, ofcourse, unsuccessful. I'm getting an error:

{"The authentication endpoint Kerberos was not found on the configured Secure Token Service!"}

This is code for connection (for AD authentication type):

OrganizationServiceProxy orgserv;
      ClientCredentials clientCreds = new ClientCredentials();
      ClientCredentials devCreds = new ClientCredentials();


        clientCreds.Windows.ClientCredential.UserName = "user";
        clientCreds.Windows.ClientCredential.Password = "P@$$w0rd";
        clientCreds.Windows.ClientCredential.Domain = "myDomain";
        IServiceConfiguration<IOrganizationService> orgConfigInfo =
                    ServiceConfigurationFactory.CreateConfiguration<IOrganizationService>(new Uri("https://myCRMServer/myOrg/XRMServices/2011/Organization.svc"));

        using (orgserv = new OrganizationServiceProxy(orgConfigInfo, clientCreds))
        {
          orgserv.ServiceConfiguration.CurrentServiceEndpoint.Behaviors.Add(new ProxyTypesBehavior());
          orgserv.EnableProxyTypes();
          connection = orgserv;
        }

I found somewhere that for claim based authentication is enough to send only UPN (User Principal Name). But the same error happens. I also tried with username/password combination and it was unsuccessful.

AuthenticationCredentials authCredentials = new AuthenticationCredentials();

...

authCredentials.UserPrincipalName = "user";

...

authCredentials.ClientCredentials.UserName.UserName = _userName;
authCredentials.ClientCredentials.UserName.Password = _password;

Error after this is: The authentication endpoint Username was not found on the configured Secure Token Service!

Answer

GoBeavs picture GoBeavs · Aug 24, 2012

If your just using the CRM 2011 web services interface I don't think claims even matters. The following code allows be to authenticate and connect to CRM 2011 and use the REST API

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net;
using System.IO;

namespace CRM_REST_FromConsoleApplication
{
    internal class Program
    {
        private static void Main(string[] args)
        {
            var url = new Uri(@"https://MyServer/MyOrganiation/xrmservices/2011/organizationdata.svc/AccountSet?$select=Name&$top=10");

            HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;

            //TODO: Set Credentials Here            
            request.Credentials = new NetworkCredential("USERNAME GOES HERE", "PASSWORD GOES HERE", "myDomain");


            using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
            {
                StreamReader reader = new StreamReader(response.GetResponseStream());

                Console.WriteLine(reader.ReadToEnd());
            }

            Console.WriteLine("Press any key to continue...");
            Console.ReadKey();
        }
    }
}