I configured claims based authentication on my CRM instance. I'm using custom STS (Example available here) Now I want to access to web services from some test application. Does anyone have some example for this? I tried with same code for connection in case of windows auth. but, ofcourse, unsuccessful. I'm getting an error:
{"The authentication endpoint Kerberos was not found on the configured Secure Token Service!"}
This is code for connection (for AD authentication type):
OrganizationServiceProxy orgserv;
ClientCredentials clientCreds = new ClientCredentials();
ClientCredentials devCreds = new ClientCredentials();
clientCreds.Windows.ClientCredential.UserName = "user";
clientCreds.Windows.ClientCredential.Password = "P@$$w0rd";
clientCreds.Windows.ClientCredential.Domain = "myDomain";
IServiceConfiguration<IOrganizationService> orgConfigInfo =
ServiceConfigurationFactory.CreateConfiguration<IOrganizationService>(new Uri("https://myCRMServer/myOrg/XRMServices/2011/Organization.svc"));
using (orgserv = new OrganizationServiceProxy(orgConfigInfo, clientCreds))
{
orgserv.ServiceConfiguration.CurrentServiceEndpoint.Behaviors.Add(new ProxyTypesBehavior());
orgserv.EnableProxyTypes();
connection = orgserv;
}
I found somewhere that for claim based authentication is enough to send only UPN (User Principal Name). But the same error happens. I also tried with username/password combination and it was unsuccessful.
AuthenticationCredentials authCredentials = new AuthenticationCredentials();
...
authCredentials.UserPrincipalName = "user";
...
authCredentials.ClientCredentials.UserName.UserName = _userName;
authCredentials.ClientCredentials.UserName.Password = _password;
Error after this is: The authentication endpoint Username was not found on the configured Secure Token Service!
I finally solved this issue. In the end I configured ADFS and added Relaying Party trust for my custom STS. Now this works perfectly. API calls are made through ADFS and Web access authentications is done through custom STS.