This feature is only available for DocumentsCorePack Client and TelephoneIntegration Client
This article provides you with 2 step-by-step instructions on how to enable MFA Support and on how to configure the 2Factor authentication in your client’s connection profile.
To enable MFA support for our client products, you have to register a custom application with Azure AD. It will manage your addons’ access rights.
Explanation of terms:
ApplicationId/ClientId (often used interchangeable with one another) means a GUID, which is the unique identifier for an Azure Application.
RedirectUri is the logical construct ONLY and DOES NOT require to be an actual URL. It is recommended to stick with the value used in this documentation.
How to setup Windows Active Azure
Log on to https://manage.windowsazure.com/
(Should you have no subscription yet, you can get a free trial at http://www.azure.com/. Please note: A CreditCard number is required!).
Within Microsoft Azure, select Active Directory (1) and choose the directory in which you want to register the application (2).
Select the Develop Applications-tab to create a new application. Then select Add an application you’re developing.
This brings up a dialog box. Please insert mscrm-addons.com DocumentsCorePack or mscrm.-addons.com TelephoneIntegration Client as name.
Please note: it is of upmost importance to select Native Client Application as the type of application.
In the next dialog box, supply http://www.mscrm-addons.com as Redirect URI. (Take whatever you like, the URL does not even need to exist.)
Then confirm to finish the registration.
Scroll down to permissions to other applications and click on the [Add application]-button (1):
This brings up a new window. Click on (+) in the Add Dynamics CRM Online-line.
As soon as Dynamics CRM Online shows up in the selected section, confirm your changes.
Grant access to CRM by ticking the corresponding checkbox.
Figure 12: Grant access to CRM
Finally, click on the [Save]-button in order to save the configuration.
How to configure the 2Factor authentication in your Clients connection profile
When you enable CRM Online in your client’s connection profile, a new checkbox appears (1) that allows you to use 2Factor authentication. If you check the box, a new tab is brought up (2).
Figure 14: Clients Connection profile
Remember the ApplicationID you have – hopefully – noted before? On the new tab, it is time to enter the ApplicationID and redirect URI of the newly created application in Azure.
Figure 15: Application ID and redirect URI
Switch back to the CRM Connection-tab to continue.
When you click on the [Retrieve all Organizations]-button on the CRM Connection-tab now, the Multifactor Authentication will be launched in a new window. Please note: the MFA authentication saves a cookie on your computer and the login window might not always appear.
Figure 16: Multifactor Authentication launched in new window
(blog still being reviewed)