Legacy Dynamics 365 Integrations are Running Out of Time

What's Happening?

Microsoft is retiring their Office 365 authentication type, which is currently utilized by their Legacy Dynamics 365 SOAP API.  Microsoft states ->

"Effective February 4, 2020, the WS-Trust authentication type that is used by custom clients to connect to Dataverse is deprecated. … Effective April 2022, the authentication protocol will be retired for all new and existing environments within a tenant."

Why Is This Happening?

Microsoft is forcing integrations to utilize a secure authentication process, which also supports accounts protected by Multi-Factor Authentication.  Microsoft further states ->

"We are making this change to remove a security protocol (WS-Trust) that is inherently insecure by current encryption standards ... The WS-Trust security protocol, when used in conjunction with a user account and password, implements an authentication flow that presents both the user ID and password to the authenticating resource in 'clear text' form, relying solely on the transport encryption to provide security for the initial leg of the authentication, until such point as the token service returns an authentication token to use. Additionally, the WS-Trust protocol does not support modern forms of Multi-Factor Authentication and conditional access controls to customer data."

What Should You Do?

The short term fix is to change your authentication from Office 365 to OAuth. This may be a bit complicated if you are not already utilizing the CRMServiceClient class, and require a Dynamics developer to assist.

(Read More)

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Show Buttons
Hide Buttons