Connecting XrmToolBox to an MFA enabled Dynamics 365 environment | Azure AD

It has always been recommended to enable MFA on environments we work on. For developers, it is especially critical that MFA is enabled that developers are also someone who need to connect the https://www.xrmtoolbox.com/ more than ever!

Here’s one of the common challenges in being able to connect to an MFA enabled Dynamics 365 instance using XrmToolBox.

Register the Dynamics 365 environment as an App in Azure

Microsoft has provided a recommended way to register an App with Azure Active Directory and also the same has been mentioned in the XrmToolBox Connection utility. Below is a summary from the original Microsoft Documentation on the same – https://docs.microsoft.com/en-US/powerapps/developer/data-platform/walkthrough-register-app-azure-active-directory?WT.mc_id=DX-MVP-5003911

  1. Go to https://portal.azure.com/ and look for Azure Active Directory.


  2. Once you save it, you’ll get the Application (client) ID which which will be needed by the XrmToolBox while connecting.

  3. Go to the Manifest file and make “allowPublicClient” to true and Save it.

  4. Now, navigate to API Permissions from the left side menu.

  5. Now, search for the permission “Common Data Service” under the tab APIs for my organization uses.

  6. Make sure Delegated Permissions are selected and tick mark user_impersonation and click on Add permissions.


  7. Select the same and your permissions should look like below. Once this is the state, you are done on Azure side.


    Now, let’s connect XrmToolBox to the Dynamics 365 environment.

Connecting to Dynamics 365 using the XrmToolBox

Let’s see what steps you need to follow in order to connect to the Dynamics 365 instance

  1. Open XrmToolBox and create a New Connection.

  2. Now, since you are aware that the environment is MFA enabled, select MFA/OAuth method.


  3. Enter the URL of the Organization and click Next as shown below.


  4. Now, enter the Application ID which you can copy from the registered App in Azure.

  5. If you click on the “Use development Azure AD App”, the Reply Url will be populated automatically. Before that, you’ll see the message notifying which scenarios this is suitable.

  6. Read below. At this point, I haven’t tried the other method and stuck to the below since I connect XrmToolBox to the Dynamics 365 environment for development purpose.


  7. Once you click OK on the above, the Reply Url will be auto-populated and you can proceed further.

  8. Now, enter the username which you want to connect with. Supposedly, this is the one on which MFA is enabled.

  9. Upon clicking Next, you will be asked the Password of the credentials you are using.

  10. Once you’ve entered the same, it will send a request to your Authenticator on the registered device.


  11. One the device, assuming you have the Authenticator App installed already, you can Approve the same to let the Authentication go through.

  12. Upon Approval, the XrmToolBox will be authenticated and it will be connected to the Dynamics 365 environment. As usual, you can then give it a name and click Finish to save it on your XrmToolBox.





Hope this was helpful!!

Here are some more Azure / Dynamics 365 / XrmToolBox related posts you might want to check out –

  1. Find deprecated JS code used in your Dynamics 365 environment | Dynamics 365 v9 JS Validator tool | XrmToolBox
  2. Set Lookups in Xrm.WebApi D365 v9 correctly. Solving ‘Undeclared Property’ error
  3. Understanding Xrm.Page Object ModelForm Access Checker in new Power Apps Form Designer | Model-Driven Apps in Dynamics 365
  4. Use Rich-Text Control for Multiple Lines of Text in Dynamics 365 CE | Quick Tip
  5. Ribbon button visibility based on a field value in Dynamics 365 | Ribbon Workbench
  6. Pass Execution Context to JS Script function as a parameter from a Ribbon button in Dynamics 365 | Ribbon Workbench
  7. Log Canvas Power App telemetry data in Azure Application Insights | Power Apps
  8. Call Azure Function from Dynamics 365 CRM using Webhooks
  9. Use Azure App Passwords for MFA enabled D365 authentication from Console App
  10. Find Created On date of solution components in Solution Layers | Dynamics 365 [Quick Tip]

Thank you!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.