Apurv's Dynamics 365 Blog

Code Samples & Troubleshooting Tips on Dynamics 365!

Implementing authentication using CRM v4 SDK

This post will talk about the various methods used in authenticating with CRM using its Sdk. I will also explain the usage of each method and property. There are various modes in which authentication in CRM can be performed.

  1. Active Directory
  2. Live Authentication
  3. SPLA

The below code describes the authentication done with CRM On-Premise version. The connection used in this is Active Directory. I’ve mentioned the comments before each function and code line which can talk about the action itself. The recommendation is to follow a sequence of the steps as mentioned below.

The function has parameters with NetworkCredentials class, which will take the credentials from your UI Layer (Presentation Layer). I’ve use a condition to check if you want to hardcode the credentials which implies that the function will use credentials you’ve provided otherwise it will take current user logged in. It all depends how you want to customize your class.

        /// <summary>
        /// This function will return the CRM Service Instance for CRM OnPremise – Active Directory
        /// </summary>
        /// <param name=”networkCredential”>Default Credentials or hard code credentials</param>
        /// <param name=”isUseHardCredential”>Set to True if you want to hard code the credentials</param>
        /// <param name=”isSSL”>Check if the SSL is enabled</param>
        /// <param name=”organizationName”></param>
        /// <returns>This returns the instance of CRM Service</returns>
        public static CrmService GetCRMServiceInstance(NetworkCredential networkCredential, bool isUseHardCredential, bool isSSL, string organizationName)
            //Defining the Authentication Token
            CrmAuthenticationToken token = new CrmAuthenticationToken();
            token.AuthenticationType = (int)AuthenticationType.ActiveDirectory;
            //Specify the organizatio Name
            token.OrganizationName = organizationName;

            CrmService crmService = new CrmService();
            crmService.Credentials = isUseHardCredential ?
                networkCredential = new NetworkCredential(“UserName”, “Password”, “Domain”) : CredentialCache.DefaultCredentials;
            if (isSSL)
                crmService.Url = String.Format(“{0}://{1}/MSCRMServices/2007/CrmService.asmx”, “https”, “<<Local URL>>”);
                crmService.Url = String.Format(“{0}://{1}/MSCRMServices/2007/CrmService.asmx”, “http”, “<<Local URL>>”);
            crmService.CrmAuthenticationTokenValue = token;
            return crmService;


Coming back to how you can use the Windows Live authentication for CRM to let you in. The steps are pretty much similar which additionally require a function taking care of Windows Live with discovery service. Microsoft has hosted the global URLs for developers to access the CrmSerivce/CrmDiscovery. This is defined in Sdk Guide with complete details. I’ve tried to explain the procedure with below example. The comments in function will explain you more.

Please note: The Sdk provides the Windows Live authentication wrapper class called “IdCrlWrapper.dll”.

        /// <summary>
        /// This function will return the CRM Service Instance for CRM Online Organization – Live Authentication
        /// </summary>
        /// <returns></returns>>
        public static CrmService GetCRMServiceInstance()

            //Initialize the discovery service
            discoveryService = new CrmDiscoveryService();
            //Get the discovery instance from a function which will connect to Windows Live authentication class.
            this.discoveryService = this.GetDiscoveryInstance();

            //Get the ticket response
            RetrieveCrmTicketRequest crmTicketRequest = new RetrieveCrmTicketRequest();
            crmTicketRequest.OrganizationName = organizationFriendlyName;
            crmTicketRequest.PassportTicket = passportTicket;
            RetrieveCrmTicketResponse crmTicketResponse = (RetrieveCrmTicketResponse)discoveryService.Execute(crmTicketRequest);

            CrmAuthenticationToken token = new CrmAuthenticationToken();
            token.AuthenticationType = 1;
            token.CrmTicket = crmTicketResponse.CrmTicket;
            token.OrganizationName = crmTicketResponse.OrganizationDetail.OrganizationName;

            CrmService crmService = new CrmService();
            crmService.Url = crmTicketResponse.OrganizationDetail.CrmServiceUrl;
            crmService.CrmAuthenticationTokenValue = token;
            return crmService;

        public CrmDiscoveryService GetDiscoveryInstance()
            discoveryService = new CrmDiscoveryService();
            discoveryService.Url = String.Format(“https://{0}/MSCRMServices/2007/{1}/CrmDiscoveryService.asmx”, “dev.crm.dynamics.com”, “Passport”);
            RetrievePolicyRequest policyRequest = new RetrievePolicyRequest();
            RetrievePolicyResponse policyResponse = (RetrievePolicyResponse)discoveryService.Execute(policyRequest);
            LogonManager logonManager = new LogonManager();
            passportTicket = logonManager.Logon(username,password, organizationFriendlyName + “.crm.dynamics.com”,
                    policyResponse.Policy, environment);
            return discoveryService;

I’ve also uploaded the program.cs file for your reference to use windows live authentication.

My next update will cover the SPLA authentication mode.



  1. How to: Add the CrmDiscoveryService Web Reference: CRM Online
  2. How to: Add the CrmService Web Reference: CRM Online