Connecting XrmToolBox to an MFA enabled Dynamics 365 environment | Azure AD

It has always been recommended to enable MFA on environments we work on. For developers, it is especially critical that MFA is enabled that developers are also someone who need to connect the https://www.xrmtoolbox.com/ more than ever!

Here’s one of the common challenges in being able to connect to an MFA enabled Dynamics 365 instance using XrmToolBox.

Register the Dynamics 365 environment as an App in Azure

Microsoft has provided a recommended way to register an App with Azure Active Directory and also the same has been mentioned in the XrmToolBox Connection utility. Below is a summary from the original Microsoft Documentation on the same – https://docs.microsoft.com/en-US/powerapps/developer/data-platform/walkthrough-register-app-azure-active-directory?WT.mc_id=DX-MVP-5003911

Go to https://portal.azure.com/ and look for Azure Active Directory.
Once you save it, you’ll get the Application (client) ID which which will be needed by the XrmToolBox while connecting.
Go to the Manifest file and make “allowPublicClient” to true and Save it.
Now, navigate to API Permissions from the left side menu.
Now, search for the permission “Common Data Service” under the tab APIs for my organization uses.
Make sure Delegated Permissions are selected and tick mark user_impersonation and click on Add permissions.
Select the same and your permissions should look like below. Once this is the state, you are done on Azure side.

Now, let’s connect XrmToolBox to the Dynamics 365 environment.

Connecting to Dynamics 365 using the XrmToolBox

Let’s see what steps you need to follow in order to connect to the Dynamics 365 instance

Open XrmToolBox and create a New Connection.
Now, since you are aware that the environment is MFA enabled, select MFA/OAuth method.
Enter the URL of the Organization and click Next as shown below.
Now, enter the Application ID which you can copy from the registered App in Azure.
If you click on the “Use development Azure AD App”, the Reply Url will be populated automatically. Before that, you’ll see the message notifying which scenarios this is suitable.
Read below. At this point, I haven’t tried the other method and stuck to the below since I connect XrmToolBox to the Dynamics 365 environment for development purpose.
Once you click OK on the above, the Reply Url will be auto-populated and you can proceed further.
Now, enter the username which you want to connect with. Supposedly, this is the one on which MFA is enabled.
Upon clicking Next, you will be asked the Password of the credentials you are using.
Once you’ve entered the same, it will send a request to your Authenticator on the registered device.
One the device, assuming you have the Authenticator App installed already, you can Approve the same to let the Authentication go through.
Upon Approval, the XrmToolBox will be authenticated and it will be connected to the Dynamics 365 environment. As usual, you can then give it a name and click Finish to save it on your XrmToolBox.