Microsoft Dynamics 365 (online) Integration with Office 365


Applies To: Dynamics 365 (online), Dynamics 365 (on-premises), Dynamics CRM 2016, Dynamics CRM Online

This documentation applies to customers who access Microsoft Dynamics 365 (online) through the Microsoft Online Services environment. Through integration of Microsoft Dynamics 365 (online) with Microsoft Office 365, Microsoft Dynamics 365 (online) customers that are subscribed to Office 365 have single sign-on access, through identity federation, to any Office 365 supported application, such as Microsoft Exchange Online. Similarly, when provisioned, Office 365 customers have access to Microsoft Dynamics 365 (online). In addition, by federating Active Directory domain accounts in Microsoft cloud services, businesses can manage a single set of user identities in both their Active Directory domain and Microsoft Dynamics 365 (online).

This topic provides information about where users’ identities are created and managed, and how they relate to Microsoft Dynamics 365 (online).

Identity management with Microsoft Online Services

When accessing the Microsoft Dynamics 365 (online) web services, your applications should know the identity provider associated with the logged on user’s Microsoft Dynamics 365 account. Configuration of the user’s authentication credentials for accessing the web services through SDK calls is slightly different for each provider. The details on how to configure user credentials for each identity provider and access the Microsoft Dynamics 365 (online) web services is discussed in the topic Authenticate Office 365 users with Microsoft Dynamics 365 (online) web services.

There are two identity providers supported by Microsoft Dynamics 365 (online) and provisioned through Microsoft Online Services: User ID, and Active Directory (through cloud federation). The following discussion provides an overview of these identity services and how they relate to Microsoft Dynamics 365 (online).

User ID

User ID represents user identities provisioned by customers in Microsoft cloud services and is the identity provider for all customers who have subscribed to the Office 365 collaboration environment. User ID enables you to have access to all Microsoft online services such as Microsoft Exchange Online and Microsoft Dynamics 365 (online). Customers with a User ID have their account credentials and policies managed through Microsoft Online Services.

For the sake of this discussion, User ID users are referred to in this documentation as “managed” or “non-federated” users.

Active Directory

Federation allows customers to use Active Directory-based domain user accounts to access Microsoft Online Services such as Office 365 or Microsoft Dynamics 365 (online). After federation is configured by an administrator, Active Directory-based system user accounts can be locally managed, made available to Microsoft Online Services, and kept in sync with changes made to the on-premises Active Directory identities. The benefit of federation is a single sign-on experience across Microsoft Dynamics 365 (on-premises) and Microsoft Dynamics 365 (online) systems. This type of identity management is useful for large corporations that have hundreds or thousands of established users.

For more information about how to configure identity federation, see Single sign-on: Roadmap.

Identity management with Microsoft account

Microsoft account continues to be a supported identity provider for Microsoft Dynamics 365 (online). However, Microsoft account is not supported for Microsoft Dynamics 365 (online) organizations when provisioned through Microsoft Online Services. Microsoft Dynamics 365 (online) customers that are not subscribed through Office 365 can access Microsoft Dynamics 365 (online) through their Microsoft account.

Microsoft account subscription transition to Office 365

All Microsoft Dynamics 365 (online) customers with Microsoft account subscriptions are being transitioned to a Microsoft Office 365/Microsoft Online Services subscription. In this release of the SDK, several authentication-related classes have been updated to ease this transition by supporting Microsoft account logon credentials when you authenticate with the Microsoft Online Services identity provider of Microsoft Dynamics 365 (online). Depending on the SDK classes used by your application to authenticate, you may or may not need to update your application code to support transitioned users.

For more information on required coding changes, see the topic Authenticate Office 365 users with Microsoft Dynamics 365 (online) web services. The Microsoft Dynamics CRM Transition Center has additional customer-related information.

See Also

Connect with Microsoft Office 365 and Microsoft Dynamics 365 (online)
Authenticate Office 365 users with Microsoft Dynamics 365 (online) web services
Active Directory and claims-based authentication
Active Directory Federation Services
Access Control Service 2.0

Microsoft Dynamics 365

© 2016 Microsoft. All rights reserved. Copyright