Let’s build the modern/mobile odata application that talks to the CRM online service that we provisioned in the Microsoft Azure cloud, for some Rapattoni netmagic users. Lets see how it works when the client cooperates with the oauth2 endpoints of AAD/netmagic to obtain access and refresh tokens; and how the client populates the access tokens into odata requests:
From the CRM 2013 SDK
Once we register our new windows 8 “native application” in Azure AD, the windows 8 application acts conventionally:
We note the code that precedes this invocation of the oauth2 handshake. It learns the tenant name and address of the associated the oauth2 server …from a discovery request. The return of an enhanced www-authorization header (of authority_uri) occurs only when one adds a particular relevant query string (SDKClientVersion=X), with suitable values. That is, clients must “opt in” to the practice.
private const string _clientID = “d00b06a7-4dbb-4eab-bb59-8d63a4783d36”;
public const string CrmServiceUrl = “https://netmagic.crm.dynamics.com/”;
We see the request for discovery and then for odata recovery of an account entity set.