This documentation is for WSO2 Identity Server 5.1.0. View documentation for the latest release.
Page Comparison - How To: Login to Dynamics CRM via Identity Server (v.11 vs v.12) - Identity Server 5.1.0 - WSO2 Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Users need to be configured within the Identity Server in order to perform authentication. This can be done by manually adding users to the Identity Server or connecting directly to an LDAP server. The only requirements are that the user records represented in the Identity Server have a username field in the format of username@domain.com or DOMAIN\username in order to correctly log in to CRM, and that username field matches a username field within CRM.

...

Within the service provider, in the inbound authentication section, a Passive STS realm and Wreply URL must be defined under the WS-Federation (Passive) Configuration area. This value should match the CRM server realm name and URL. Typically, the URL will be in the format https://servername.domain.com/ (for non-IFD) or https://orgname.domain.com/ (for IFD). For IFD servers, one server provider must be created for each organization, with each one having the specific organization's URL set as the Passive STS Realm in the Inbound WS-Federation authentication settings. Ensure that the trailing "/" is included, as CRM appends this by default to all its endpoints and the values must match exactly.

...

In order to authenticate with a security token service, CRM expects federation metadata that contains specific details about the service. It requires the certificate that the STS uses to sign the responses as well as the passive STS endpoint for the WSO2 server, in addition to the claims expected. A sample file can be downloaded from here. This found inside <IS_HOME>/repository/deployment/server/webapps/mex directory. This file needs to be hosted somewhere accessible to the CRM server. For the purposes of testing this scenario, you can add it to the wwwroot folder for easy access.

...