{Dynamics 365 + ADX portals} Using site setting to disable external authentication in Dynamics 365 portals.

In my previous blog posts, I have explained on how to enable custom authentication for your Dynamics 365 portals (ADX portals) with Identity providers like Azure Active Directory & Google/ facebook.

Link for  those:

Azure Active Directory – https://debajmecrm.com/2017/06/12/dynamics-365-portal-authentication-with-external-identities-part-i-authentication-with-azure-active-directory/

Google – https://debajmecrm.com/2017/06/13/dynamics-365-portal-authentication-with-external-identities-part-ii-authentication-with-google-account/

Below are the options my user get when they try to sign in or register in my portal.


So what in case you get a requirement to disable all these external authentication modes. Thinking that you might need to delete all the configurations. You worked so hard in setting this all up and you now need to delete them all. What if you need to re-enable again?

Well there is a life savior for you when it comes to D365 Portals. And believe me, it’s just creating a new site setting or changing the value if the site setting already exists.

Go to CRM –> Portals –> Site Settings.



In the list of Site Settings already present, search for the one with the Name = Authentication/Registration/ExternalLoginEnabled

If found open the existing record or create if not found.

Change the value of this record to false. Your setting should have the values in the below screenshot.



Save & Close the record.

Now go to your portal and refresh. You would see that the custom authentication options are no longer visible.



So in case you need to turn this back on, all you need to do is to go to your Site Settings and turn this flag back to true.


Simple isn’t it and I hope liked it.

-Debajit Dutta (Dynamics MVP)

For consulting & training, please drop a note to info@xrmforyou.com

(Visit our products page – http://www.xrmforyou.com/products-1.html to know more about our offerings)

(Dynamics 365 + ADX) Portal Authentication with External Identities Part-II – Authentication with Google Account

In my previous blog, I have explained on how to authenticate your Dynamics 365 portals with Azure Active Directory. You can read it here – https://debajmecrm.com/2017/06/12/dynamics-365-portal-authentication-with-external-identities-part-i-authentication-with-azure-active-directory/

However these days it’s common to come across websites which have options to sign-in with Google and Facebook.

Why are lovely portals be behind in this. And in case you are unaware, D365 portals has the support to configure this kind of authentication with Google and Facebook in a very simple way. So let’s explore on how to do this.


Step 1: Register your portal with Google API’s


Go to Google API Console – https://console.developers.google.com/projectselector/apis/library

Click on Credentials



In Create Credentials dropdown, Click on OAuth Client.



In the screen that comes up, Enter the below details



Name – This can be anything you want. I have named it as Microsoft portal identifier.

Authorized Javascript origins –  This is basically your D365 portal URL from where the request would originate.

Authorised redirect URIs – This is basically the call back URL once the validation is successful. As you can see I have entered https://xrmtr1.microsoftcrmportals.com/oauth2callback

Click on Save.

Once saved, you could see your client_id and client_secret. We do not need the client secret here. Just keep a note of the client id.



Step 2: Modify the Site Settings in Dynamics CRM


Go to CRM-> Portals-> Site Settings.

We need to create three site settings records here.

The first record would be identify the Authority URI from where we need to get the token.


I have put the  name as – Authentication/OpenIdConnect/Google Sign In/Authority. The part in bold is basically the name of the button as you want to show up in the login screen.


Second record of Site settings is to capture the value of the Client ID registered with the Google API’s



The third record is to capture the value of the redirect URI. This is the same value that you should put while registering D365 portal in Google API in Step 1.



And you are done.

Now when you try to register in your CRM portal, you could see the magical ‘Google Sign In’ button. Whooo. it was so complex Smile


Any body with a Google account can now register with your portal.




You would be asked for consent as per OAuth 2.0 protocol.



Once you provide your email and click on ‘Register’ you are done.



So simple and yet so powerful extensibility for your portals.


Hope you liked this post.


-Debajit Dutta (Dynamics MVP)

For Training and consulting please visit www.xrmforyou.com

(Visit our products page – http://www.xrmforyou.com/products-1.html to know more about our offerings)

Dynamics 365 (ADX) Portal Authentication with External Identities Part-I – Authentication with Azure Active Directory

Lately I have been working a lot on Dynamics 365 portals a lot and also delivering some trainings on the same. Don’t get much of a chance to work on Dynamics 365 portals (previously ADX portals), but when I get an opportunity, I make sure I don’t miss it.

And as I have been conducting training on CRM portals, I come across a lot of questions on Authentication of Dynamics 365 portals with external identities like Azure Active Directory/ Google/ Facebook. In the interest of my blog reader I have decided to pen down in detail on how to configure for such scenarios.

This blog will be a two part series. In this blog I will show you from scratch on how to set up Authentication of your Dynamics 365 portals with Azure Active Directory. In the next part I will show from scratch on how to set up the same with Google account.

First things first.

Launch a trial of Customer Portal for your Dynamics CRM. It’s pretty easy and I assume you know this. If not there are plenty of awesome articles which show on how to do the same. One such being – http://dynamicscrmcoe.com/install-dynamics-365-portals/

Ok. So we have our CRM portal set-up.

The following are my details:

Portal URL – https://xrmtr1.microsoftcrmportals.com

CRM URL – https://xrmtr50.crm8.dynamics.com


The first time when you launch the portal and try to sign in, you would be presented with a screen like below.


Because we are going to register the user with Azure AD, so click on the Register Tab.


Ok. So we already have a button called ‘Azure AD’ for registering the user. However as I told you, we will do it from scratch. So we will place our own custom button which when clicked will authenticate with our azure Active Directory. And in case you might be wondering, the Azure active directory will be a different domain than our Dynamics CRM domain (xrmtr50.onmicrosoft.com) for which the portal is configured.

So lets go with the set-up.

Step – 1 : Register your Dynamics 365 Portal application with Azure Active directory.

Login to your Azure subscription using https://portal.azure.com and search for Azure Active Directory



Click on App Registrations and then ‘New Application Registration’




Enter the details as required.


Name of the application – “Customer Portal Identifier”. This can be your any name you desire.

Application Type – Select Web app/ API

Sign-on URL – Enter the url of your D365 portal. In my case it is https://xrmtr1.microsoftcrmportals.com

Click on the Create Button.



Once done, you should see your App being listed here.

Click on the Application. You could see the Application ID. Note it down. We are going to use it later.



Click on Endpoints.



Take your federation metadata URL.



The federation metadata URL would look like below.


Remove the federation metadata URL and note the remaining URL. It would be in this format. https://login.windows.net/95564beb-4dc8-43c2-bdda-12cea2056346

Note it down. We are going to use it in the Next step.


Step 2: Setting up the Site Settings to Authenticate with our custom Azure AD.


Open your CRM and go to Portal –> Site Settings.



Click on New to Create a New Site Setting.



Carefully observe the name field – Authentication/OpenIdConnect/Azure AD Custom/Authority. The highlighted part in bold is your custom provider name that you want to show up in the portal.

In the value field, we have put the URL we got from the previous step.

Save & Close this.


Click new to create a new Site Setting


Here we are putting the Client ID. Put the same Client ID that we got when we registered our CRM Portal with Azure AD.


Now click again for a last time to create a new Site Setting and enter the below information.



Here we are setting the Redirect URL. This is URL which will be called back once the authentication is successful. In this case it’s our D365 Portal.

Save & Close.

So we are all set.


Now come to the login screen again and voila! Your new button is right there.



Click on the button. And you would be redirected to the login screen.

Once you enter the credentials of a user who belongs to your Azure Active Directory, you are registered in the portal



You will be asked to accept.



Once done, you will be logged in.

Wonderful isn’t it.


In my next post I would be walking in depth to configure your D365 portals with Google account. Here is the link for the same.


Hope you like this.


-Debajit Dutta

(Dynamics MVP)

(Visit our products page – http://www.xrmforyou.com/products-1.html to know more about our offerings)

{Dynamics 365/ CRM} Access your cell values easily during on-change event of field in Dynamics CRM editable sub-grid.

It’s been some time that I wrote a blog. Been busy with the deliverable and tied up in loads of personal stuffs. However finally took out the time to pen down this small post which you might find useful.

So here I was in business as usual, writing some scripts on change of cell values in editable sub-grid. Just to mock up the requirement, the client had the following schema.

  • Parent entity
  • Child Entity. (bearing N:1 relationship with the Parent Entity)
  • There is an editable sub-grid of Child entity on the form of the Parent Entity
  • The Child Entity has three fields being shown on the editable grid
    • Name
    • Field 1
    • Field 2
  • On Change of Name in any of the rows of the sub-grid, the Field 1 should be set required as well as some default values should be shown in the field

You might be thinking, won’t a business rule do this. Yes certainly. And if your requirement is just as simple, then always go ahead with business rules. However for my client, the field values were based on some business logic and required to be set using complex operators which is unfortunately not possible using business rules.

And if you are stuck in the same situation, please read on.

Pretty simple isn’t it. So let’s first register on-change of the ‘Name’ field of the sub-grid. You might already be knowing this on how to do it, but there may be a small twist in the tale. So keep reading Smile

  • Open the form of the Parent Entity.
  • Highlight the sub-grid of the Child Entity on the Parent Entity and Click on Change Properties
  • In the pop-up dialog, go the Events Tab.


  • In the form properties, upload the webresource containing the script for the on-change of the name field.
  • In the Event Handlers section, select Field = “Name”


Click on Add, and then select the appropriate library. Put the function name which should be called on the on-change.



Before you close it out just like another mundane operation, please make sure “Pass Execution context as first parameter” is checked. We are going to need it a lot.

Save & Publish the form changes.

Now coming to the code. I have been surprised that there is very less of examples to show how to access field values on-change of cell values in editable sub-grid. So decided to pen this down.

Now coming to the function. Lets first see what is written. Off-course, your function is going to look lot more complex. However the basic framework to access the attributes and get/ set field values and other stuffs still remains the same.

function NameChange(eContext)
// get the attribute which fired the onchange.
var nameAttr = eContext.getEventSource();

    // get the container for the attribute.
var attrParent = nameAttr.getParent();

    // get the value of the name.
var name = nameAttr.getValue();

    // var field1 Attribute
var field1 = attrParent.attributes.get(“new_field1”);

    field1.setValue(“<default value for field 1>”);

    // set field as mandatory.


Ok. so let’s analyze bit by bit.

The first is to get the attribute which changed. the below line does exactly the same. And this is the reason why you need to check

var nameAttr = eContext.getEventSource();

The next is to get the gridRow object which contains the Name Attribute.

    var attrParent = nameAttr.getParent();

Although not used much, the getParent() is documented by Microsoft the Xrm.Page.ui.client control reference. Although I need to make sure whether calling it on attribute is supported or not. I will update on this blog only after my findings.


The remaining of the code is self explanatory. And you can see in this way, how easily you can access the attributes of the row which has been affected. And below is how it looks after I change the Name field in my sub-grid control.


Simple isn’t it.

Surprisingly there are very less examples on this. The other way if not this would be iterate through the selectedRows of the grid each time and then do a switch-case on each attribute of the row to achieve the desired result.

Hope it helps

-Debajit Dutta

(Dynamics MVP)

(Visit our products page – http://www.xrmforyou.com/products-1.html to know more about our offerings)