You can get the detail of current login user in liquid template va user liquid object. There is another way you can get the current login user via XHR call.
Microsoft CRM Portal has built-in API to generate JWT of current login user. The API is at https://<crm portal url>/_services/auth/token and returns JWT. This JWT is nothing but a JSON object encrypted using RS256 algorithm. So, anyone can decode it. Other words, anyone can encode it also.
You sometimes need to pass the current login user information to external web app. Since it takes very little effort to generate a JWT and pass it to your external website, it is very easy to bypass the security. Therefore, you will definitely want to verify the authenticity of generated token too ensure the token is generated from trusted source (in this case, your CRM portal).
The beauty with JWT is you can verify the signature of token using public key. If you are not familiar with PKI, the process generally involves the source or CRM portal which generates a token using its private key (which is already handled in CRM portal), and the target or your external web app which verifies the authenticity of the token using public key. To do this, get the public key of your CRM portal at https://<crm portal url>/_services/auth/publickey.
The order of the whole process is
- Pass JWT token as a parameter in a web request/link to your external web app
- In your external web app, get public key from CRM portal and verify the signature of the JWT contained in web request
That’s easy, simple and neat. Right?
Next time, we will have a look at Azure AD B2C configuration to authenticate users, which requires more configurations and adds a little bit of complexity.
Before reading the post, you may would like to read the official document on Microsoft at https://docs.microsoft.com/en-us/dynamics365/customer-engagement/portals/assign-entity-permissions. This will give you a basic understanding of entity permissions in Microsoft CRM Portal.
Your customer wants to build a portal using Microsoft CRM portal. Connection is used for linking their contacts and accounts. Your customer wants to control the permissions of their contacts (who will login to the portal) on their related accounts, based on their connection role. If a contact is assigned as Admin role, he should be able to edit the account record. But, if it is User role, he should have read-only access to Account record.
Using connection to assign role to accounts
Sounds like a familiar request from most customers?
If yes, let’s look at how we can implement this scenario in Microsoft CRM portal.
After developing a custom portal on Microsoft CRM Portals, I like to share my experience.
This is kind of starter guide to build highly customised web pages on Microsoft CRM portals. It is a high level and very informal guide.
Libraries and frameworks
To customise the portal, a good understanding of followings are essential.
Microsoft CRM portal uses Bootstrap. Use bootstrap customiser like https://www.bootstrap-live-customizer.com/ for a quick customisation.
Configuration and customization of CRM portal is always fun. You need to pay attention to even the smallest thing as there is no one stop place to configure them. Everything is connected among CRM form, portal entity form, metadata, permissions inheritance, scripts. One mis-configuration would render the form incorrectly.
One day, we found that some portal forms are rendering Timeline area like below where it is supposed to be Notes area.