Dynamics CRM REST Connection

You can use the Dynamics CRM REST Connection shared resource to create a connection to the Microsoft Dynamics CRM server.

General

In the General panel, you can specify the package that stores the Dynamics CRM REST Connection shared resource, the shared resource name, and the shared resource description.

The following table lists the configurations in the General panel of the Dynamics CRM REST Connection shared resource:

Field Module Property? Description
Package No The name of the package where the new shared resource is located.
Name No The name to be displayed as the label for the shared resource.
Description No A short description for this shared resource.

Service Configuration

In the Service Configuration panel, provide the information related to the Microsoft Dynamics CRM server to which the plug-in connects.

The following table lists the configurations in the Service Configuration panel of the Dynamics CRM REST Connection shared resource:

Field Module Property? Description
Deployment Type No Two types of deployments are supported:
  • Online: Used for connecting to the Microsoft Dynamics CRM online server.
  • On-Premises: Used for connecting to the local Microsoft Dynamics CRM server.

If a self-signed SSL certificate is used to establish a connection between the Microsoft Dynamics CRM On-Premises server and the plug-in, use Java Keytool to import the self-signed SSL certificate into the JRE global truststore; the cacerts JRE global truststore file is located in the TIBCO_HOME/tibcojre64/version_number/lib/security directory.

Authentication Type No The authentication types that are supported by the plug-in. The types depend on the deployment type that you select.
  • If you select the Online deployment, the plug-in supports only OAuth authentication.
    Important: You must register your application with Microsoft Azure Active Directory before you can use OAuth authentication to connect to the Microsoft Dynamics CRM online server. For more information, see Registering a New Application in Azure Directory and Giving Permission for the Registered Application.
    Note: The plug-in supports OAuth 2.0 authorization protocol for all the palette activities that are supported by Dynamics CRM on-premise.
  • If you select the On-Premises deployment, the plug-in supports two types of authentication: NTLM and Kerberos.
Grant Type No The grant type to authenticate user access when you select Online deployment.
Two types of grant types are supported:
  • Password Credentials
  • Client Credentials
The default value is Password Credentials.
Note: Projects created in versions prior to version 6.7.0 of the plug-in support only password credentials grant type.
User Name Yes The user name used to connect to the Microsoft Dynamics CRM server.
Note: This field is not visible for Client Credentials grant type.
Password Yes The password used to connect to the Microsoft Dynamics CRM server.
Note: This field is not visible for Client Credentials grant type.
Service Root URL Yes

The URL for the service root that provides access to the business data and metadata for your organization.

Note: You can either type the URL for the service root manually or find it automatically by using Discover Service.
Timeout (sec) Yes The timeout value in seconds that applies to the communication with the Microsoft Dynamics CRM server. The default timeout value is 1800 seconds.
The following fields are displayed only when the Kerberos authentication is selected.
LoginModule File Yes Click the icon to locate the LoginModule file.

The file contains the configuration information of the login properties in Java Authentication Authorization Service (JAAS).

Kerberos File Yes Click the icon to locate the Kerberos file.

The file contains the realm and server configuration information.

The following fields are displayed only when the OAuth authentication is selected.
Tenant ID Yes
The unique ID of your Microsoft Azure Active Directory with which you have registered your application.
Tip: To know the Tenant ID, in Microsoft Azure, click

App registrations and click Endpoints. In the fields that are displayed, the string value after host name in the OAUTH 2.0 TOKEN ENDPOINT field is known as Tenant ID. You can copy the OAuth 2.0 Token Endpoint field value by clicking the icon beside it.

Client ID Yes
The unique ID of the application that you want to connect to the Microsoft Dynamics CRM Online server. This is application specific and is unique for each application.
Note: The application must be of native type when the grant type is Password Credentials; and it must be of Web app / API type when grant type is Client Credentials.
Tip:

To know the Client ID, in Microsoft Azure, click App registrations, and in the list of registered applications, select a specific registered application. In the application pane, the value assigned under Application ID is known as Client ID.

Client SecretKey Yes One of the passwords for your Web app / API application that you want to use to connect to the Microsoft Dynamics CRM Online server.
Note: Shown only when Grant type is Client Credentials.
Note: A Web app / API application can have one or more passwords that can be used as a secret key while obtaining OAuth2.0 keys.
Note: To generate a new password in Microsoft Azure,
  1. Click App registrations in the Azure portal.
  2. Select the registered application.
  3. In the applications pane, click on the Settings icon.
  4. In the Settings pane, click Keys.
  5. In the Keys pane, under Passwords section, enter details in the Description column and choose a value for Expires from the drop-down menu.
  6. Click Save.
After the key is generated, copy it, and save it because the key value is never displayed again.

Proxy Configuration

In the Proxy Configuration panel, you can provide the information related to the proxy server to access Microsoft Dynamics CRM REST endpoints outside of a firewall.
Note: Projects created using version 6.6.0 or earlier versions of the plug-in configured with proxy and online deployment in Dynamics CRM REST connection must be opened in TIBCO Business Studio™ and reconfigured with proxy authentication type as NTLM. For online deployment, only NTLM is supported as authentication type for the proxy server.

The following table lists the configurations in the Proxy Configuration panel of the Dynamics CRM REST Connection shared resource:

Field Module Property? Description
Use Proxy Yes If you use a proxy server to access Microsoft Dynamics CRM REST endpoints outside of a firewall, select the Use Proxy check box.
Proxy Server Yes The host name or IP address of the proxy server.
Authorization Type No The authentication type used by the proxy server for incoming requests from the Dynamics CRM REST Connection resource.
  • When the deployment type is Online, the value for Authorization Type is NTLM.
  • When the deployment type is On-Premises, the value for Authorization Type is Basic.
Proxy Port Yes The port number of the proxy server.
Proxy Username Yes The user name used to connect to the proxy server.
Proxy Password Yes The password used for the specified user name when connecting to the proxy server.
Proxy Domain Yes The domain name to which the proxy user belongs to for authentication with the proxy server.
Note: This field is shown only when the proxy authorization type chosen is NTLM.

Discover Service

Ensure that you have configured all the necessary parameters when using Discover Service. You can click Discover Service to open the Discovery Web API dialog, type the URL in the field, and click Ok. The URL for the service root is found automatically. If the discovery service information is authenticated, the associated URL for the service root is automatically entered in the Service Root URL field.
Note: The Discover Service button is disabled when Grant type is Client Credentials.

Test Connection

You can click Test Connection to test whether the specified configuration fields result in a valid connection to the Microsoft Dynamics CRM server.

Note: If illegal/incorrect key size error is displayed when testing the connection to the Microsoft Dynamics CRM server with the Kerberos authentication, you must replace the local_policy.jar and US_export_policy.jar JRE security files that are located in the TIBCO_HOME/tibcojre64/version_number/lib/security directory with the files you can download from Oracle website. For more details, contact TIBCO Support team.
Note: If you enter an incorrect Kerberos file and correct it later, restart your Business studio.