Dynamics 365 Portal – Authentication Deep Dive (Part 3) – Using the Third Party Auth Providers

In the previous post, we discussed how to configure Azure AD B2C using the OpenID Connect method. One of the challenges that I had in my past experience is that the client had a strict data residency requirement, due to the sensitivity of their business. Therefore, they were considering some 3rd party options that have their solution deployed in an Australian data centre. Some of the options that we explored are Auth0 and Okta.

The same principle applies as for any OpenID Connect authentication: these 3 site settings records need to be created and configured:

  • Authentication/OpenIdConnect/[provider]/Authority
  • Authentication/OpenIdConnect/[provider]/ClientId
  • Authentication/OpenIdConnect/[provider]/RedirectUri

Note: The key part of configuring authentication will always be getting familiar with the product and knowing where to find the equivalent information 😊

Example of 3rd party External Identity Provider: Auth0

First of all, we need to create an “Application” as the container of our configuration in the Auth0 management portal.

Auth0-Create-App.png

Select the Regular Web App option (this will have pre-configured settings for the auth token required for the majority of web apps).

Auth0-Create-App2.png

Register the Allowed Origin and Callback URL(s) of our portal site. Mine is like below:

Auth0-Create-Config1.png

Take note of the client ID to be used for the portal configuration:

client-id.png

Expand the Advanced settings and take note of the OAuth Authorization URL; this will be the value of “Authentication/OpenIdConnect/[provider]/Authority”.

Auth0-Authorize.png

Configure the site settings to have the following items:

Auth0-site-settings.png

Quick Demo:

Auth0-Demo.gif

Example of 3rd party External Identity Provider: Okta

Similarly, when configuring Okta, we need to set up an application as the container of our web app authentication configuration.

create-app-okta.png

When creating the application, select the Web application option.

create-app-okta2.png

Configure the base URL, login redirect URL(s) and the Grant Type. I chose the option below (mimicking the Auth0/Azure AD B2C settings). Also, take note of the client ID.

create-app-okta3.png

Okta_Client_ID.png

To find the “Authentication/OpenIdConnect/[provider]/Authority” value, navigate to the API section and take note of the issuer URI.

Okta-auth-server.png

Then add the Portal Base URL as an allowed/trusted origin.

Okta-auth-server-allowed.png

Then finally set up the site settings as below for Okta Auth:

Okta-site-settings.png

Okta Auth Demo

Okta-Demo.gif
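A quick consistency check for either provider, as an added example that is not part of the original post: it compares the three portal site settings with what was registered on the identity provider side (client ID, callback URLs, allowed origins) and reports mismatches. The `idp_app` dictionary, the function names and all sample values (host names, the `signin-auth0` path, the client ID) are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

def origin(url):
    """Return scheme://host[:port] of a URL, lower-cased."""
    p = urlsplit(url)
    return f"{p.scheme}://{p.netloc}".lower()

def audit_provider(provider, site_settings, idp_app):
    """Compare one provider's portal site settings with the IdP-side registration.
    idp_app is a hypothetical dict: client_id, callbacks, allowed_origins."""
    prefix = f"Authentication/OpenIdConnect/{provider}/"
    values = {n: site_settings.get(prefix + n, "").strip()
              for n in ("Authority", "ClientId", "RedirectUri")}
    findings = [f"{prefix}{n} is missing" for n, v in values.items() if not v]
    if findings:
        return findings
    if urlsplit(values["Authority"]).scheme != "https":
        findings.append("Authority is not an https URL")
    if values["ClientId"] != idp_app["client_id"]:
        findings.append("ClientId differs from the IdP application's client ID")
    redirect = urlsplit(values["RedirectUri"])
    if redirect.scheme != "https" or redirect.fragment:
        findings.append("RedirectUri must be https and carry no fragment")
    # Compared as exact strings, so a trailing slash or case difference is reported.
    if values["RedirectUri"] not in idp_app["callbacks"]:
        findings.append("RedirectUri is not an exact match for a registered callback")
    if any("*" in cb for cb in idp_app["callbacks"]):
        findings.append("IdP callback list contains a wildcard")
    allowed = {origin(o) for o in idp_app["allowed_origins"]}
    if origin(values["RedirectUri"]) not in allowed:
        findings.append("Portal origin is not in the IdP's allowed origins")
    return findings

# Constructed sample values (not taken from the post's screenshots).
SETTINGS = {
    "Authentication/OpenIdConnect/Auth0/Authority": "https://idp.example.com/authorize",
    "Authentication/OpenIdConnect/Auth0/ClientId": "CONSTRUCTED_CLIENT_ID",
    "Authentication/OpenIdConnect/Auth0/RedirectUri": "https://portal.example.com/signin-auth0",
}
AUTH0_APP = {
    "client_id": "CONSTRUCTED_CLIENT_ID",
    "callbacks": ["https://portal.example.com/signin-auth0/"],  # trailing slash differs
    "allowed_origins": ["https://portal.example.com"],
}

if __name__ == "__main__":
    for finding in audit_provider("Auth0", SETTINGS, AUTH0_APP):
        print(finding)
```

With the sample values above, the only finding is the trailing-slash mismatch between the RedirectUri site setting and the registered callback.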

Conclusion

I hope the flexibility of the authentication framework that the Dynamics 365 Portal offers helps you leverage your existing IDP/Auth provider to connect to Dynamics 365 Portal easily.

In the next post, I will discuss some tips & tricks to get a more seamless end-user experience authenticating to the portal.

Hope this helps!
