Search code examples
c#azuredynamics-crmadaldynamics-crm-online

Error AADSTS90002 on aquire authentication token for Dynamics 365

I am encountering the following error when attempting to authenticate with Dynamics 365 from my .Net client:

AADSTS90002: Tenant authorize not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.

Here is the code I am currently using:

AuthenticationParameters authenticationParameters = AuthenticationParameters.CreateFromResourceUrlAsync(new Uri("https://dev-aec-ssp.api.crm6.dynamics.com/api/data/v9.1/")).Result;
AuthenticationContext authenticationContext = new AuthenticationContext(authenticationParameters.Authority, false);
ClientCredential clientCredential = new ClientCredential("9cd8fe45-xxxx-xxxx-xxxx-e43ef81c803f", "abcdefghijk");
AuthenticationResult authenticationResult = null;
try
{
    authenticationResult = authenticationContext.AcquireTokenAsync("https://dev-aec-ssp.api.crm6.dynamics.com", clientCredential).Result;
}
catch (Exception ex)
{
    throw new Exception("Failed to authenticate with remote Dynamics service.", ex);
}

It always fails on AcquireTokenAsync.

Solution

  • Couple of points:

    1. The Org url should look like https://yourcrm.dynamics.com. Read more

    2. The GitHub issue says:

    https://login.microsoftonline.com/{Guid} (where the Guid is the tenant ID
    or
    https://login.microsoftonline.com/domainName where the domain name is a domain associated with your tenant
    or
    https://login.microsoftonline.com/common

        string organizationUrl = "https://yourcrm.dynamics.com";
    string appKey = "*****";
    string aadInstance = "https://login.microsoftonline.com/";
    string tenantID = "myTenant.onmicrosoft.com";
    string clientId = "UserGUID****";
    public Task<String> SendData()
    {
        return AuthenticateWithCRM();
    }

    public async Task<String> AuthenticateWithCRM()
    {
        ClientCredential clientcred = new ClientCredential(clientId, appKey);
        AuthenticationContext authenticationContext = new AuthenticationContext(aadInstance + tenantID);
        AuthenticationResult authenticationResult = await authenticationContext.AcquireTokenAsync(organizationUrl, clientcred);
        using (HttpClient httpClient = new HttpClient())
            {
                httpClient.BaseAddress = new Uri(organizationUrl);

                .

                .
             }

    }