Use Azure App Passwords for MFA enabled D365 authentication from Console App

priyeshwagh777 CRM with .NET Web Applications, Customizations, Dynamics 365, dynamics 365 administration, Microsoft Azure, Office 365 Administration, , , ,

If you have a Console App that authenticates to D365 using a credential (typically, an Administrator) but now the administrator is setup for Multi-Factor authentication, your Console App won’t work. So here’s what you can do.

If you first want to check out about enabling Multi-Factor Authentication, you can check my blog post on it here – Office 365 Admin: Quickly Enable Multi-factor authentication for users

Standard Authentication vs MFA enabled User

When there’s not MFA enabled for Dynamics 365 (Office 365) account credentials, you are able to connect to the organization with no issues and get the CRMServiceClient in your application easy.
authenticated

But, if you have Multi-Factor Authentication enabled for a credential that is used in Console Apps to connect to D365, the Console App will not connect and the CrmCerviceClient will have null as below with the error ‘Unable to Login to Dynamics CRM

unabletologin

Managing App Passwords on Azure Portal

Once you have multi-factor authentication enabled for your account, you can go to portal.azure.com and manage App Passwords as follows –

  1. In Azure Portal, go to your account settings.
    gotoaccount
  2. Then, go to Additional security verification
    additionalsecurityverification
  3. Look for App Passwords
    apppasswords
  4. You can manage and create more passwords here
    manageapppasswords
  5. Create a password if you don’t want to use a default one or want to use different passwords for different apps. Give it a suitable name and click Next
    createapppassword
  6. Copy the password as it is the only time it will be displayed.
    copypassowrd
  7. And you can see your passwords as you create them
    morepasswords

 

Implementing App Passwords in Console App

As the name suggests, App Passwords will let you create special passwords for applications to authenticate to Dynamics 365 without needing to go through multi-factor authentication like when you’re running a Console App to connect to Dynamics 365

  1. Go to the Password in the credentials in the App.Config of the Console Application
    oldpassword
  2. And replace it with the App Password
    newpassword
  3. Now, Build the application and run it. It will authenticate successfully.
    authenticated

Hope this helps! 🙂

 

7 thoughts on “Use Azure App Passwords for MFA enabled D365 authentication from Console App

  2. Hi,

    My additional verification window looks diffefent and does not have any option to create an app password

    Additional security verification
    When you sign in with your password, you are also required to respond from a registered device. This makes it harder for a hacker to sign in with just a stolen password. View video to know how to secure your account

    what’s your preferred option?
    We’ll use this verification option by default.

    how would you like to respond?
    Set up one or more of these options. Learn more
    Authentication phone

    Authenticator app or Token
    Set up Authenticator app

    Save
    cancel

    Like

    Reply

    • Hi DL, make sure you are a Global Admin and see if you can still see the option to create an app password. Unfortunately, since there is no screenshot, I can’t exactly visualize. Hope this helps.

      Like

      Reply

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.