We are using MS Dynamics Crm 2016 Online, we are required to consume Azure Hosted WebApi from client side. We are trying to get data using ajax call.. the same code works for us outside MS Dynamics Crm but within Dynamics Crm we are getting Access denied error. We have enabled CORS in the webapi but we still experince this issue. It looks like it is something related to Dynamics CRM but we are not able to find the cause and solution.
Below is the sample code which works outside MS Dynamics CRM
$.ajax({
url: 'http://myaccountapi.azurewebsites.net/api/Account',
type: 'POST',
data: 'testaccount',
contentType: "application/json",
success: function(data) {
processData(data);
},
error: function (error) {
alert(error.statusText);
}
});
But this same code throws error within CRM which says : Access denied.
So you have a page from orgName.crmX.dynamics.com trying to call to myaccountapi.azurewebsites.net. This is not a CRM issue.
You are making a cross-site request that is likely resulting in an access denied message - since, I'm guessing, you have not enabled CORS in the WebApi application.
You can review the full example at: http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api.
Enable CORS
Now let's enable CORS in the WebService app. First, add the CORS NuGet
package. In Visual Studio, from the Tools menu, select Library Package
Manager, then select Package Manager Console. In the Package Manager
Console window, type the following command:
Install-Package Microsoft.AspNet.WebApi.Cors
This command installs the latest package and updates all dependencies,
including the core Web API libraries. User the -Version flag to target
a specific version. The CORS package requires Web API 2.0 or later.
Open the file App_Start/WebApiConfig.cs. Add the following code to the
WebApiConfig.Register method.
using System.Web.Http;
namespace WebService
{
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
// New code
config.EnableCors();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
}
}
Next, add the [EnableCors] attribute to the TestController class:
using System.Net.Http;
using System.Web.Http;
using System.Web.Http.Cors;
namespace WebService.Controllers
{
[EnableCors(origins: "http://mywebclient.azurewebsites.net", headers: "*", methods: "*")]
public class TestController : ApiController
{
// Controller methods not shown...
}
}
As CRM Online is accessed on an encrypted connection you also need to access external resources using SSL. Just change your url to use https and you should be good to go:
$.ajax({
url: 'https://myaccountapi.azurewebsites.net/api/Account',
type: 'POST',
data: 'testaccount',
contentType: "application/json",
success: function(data) {
processData(data);
},
error: function (error) {
alert(error.statusText);
}
});
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 我命由我不由天 的文章《Consuming Azure hosted WebApi in MS Dynamics CRM O》','https://www.manongdao.com/article-914553.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}