When we are developing Code in Visual studio, we will use TRY/Catch Block to handle errors. if Try Errored Out it will come to Catch Block. Lets see how to implement this in Microsoft flow
Security is a big concern among organizations around the globe. For this reason, Microsoft provides all sorts of security measures that companies adopt to protect their services.
I was recently deploying a Power Automate solution for a customer when I came across a particular situation. The Cloud flow needed to get some information from an in-house API secured using an IP address allow list.
The issue
I’ve created an Instant cloud flow with an HTTP request to perform the task and, upon execution, I’ve got the expected Unauthorized error message.
HTTP request displaying the unauthorized message
After getting this, I’ve resorted to the Microsoft Docs documentation regarding the limits and configurations to get the list of IP addresses of the environment’s region. With the help of PowerShell, we added all the IP addresses of Europe but the cloud flow kept failing. We also tried adding IP addresses from other regions without any luck. Later, I’ve remembered that Power Automate is a low-code version of Logic Apps, maybe is using an IP address from this service?
I didn’t want to keep trying all the IP addresses from Power Automate or Logic Apps. I needed to find which IP address my flow was using, so then I could find which region list I needed to include in the allow list.
The solution
After some research, I’ve found a third-party discovery service called ipfy API which gives you the IP address from which the request is calling, Perfect!
Using the same HTTP action, I’ve sent a request to this service using this URI:
https://api.ipify.org/?format=json
And gotcha!
If you try to find this IP address from the Power Automate documentation, you won’t find it in any region. This is when I’ve tried the list of Azure IP Ranges and Service Tags of the Public Cloud. You can use this link to get this in a JSON Format.
The IP address appears in this list as seen in the following image:
Shorter version for demonstration purposes
After adding the list of addresses from this region, the in-house API responded successfully
I hope you find this information helpful when configuring security when using Power Automate.
Never stop learning!
SSL encryption is now called TLS
One of the most important pieces of information in an SSL certificate is the website's public key. The public key makes encryption and authentication possible. A user's device views the public key and uses it to establish secure encryption keys with the web server. Meanwhile the web server also has a private key that is kept secret; the private key decrypts data encrypted with the public key.
Certificate authorities (CA) are responsible for issuing SSL certificates.
What is SSL?
SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today.
A website that implements SSL/TLS has "HTTPS" in its URL instead of "HTTP."
How does SSL/TLS work?
In order to provide a high degree of privacy, SSL encrypts data that is transmitted across the web. This means that anyone who tries to intercept this data will only see a garbled mix of characters that is nearly impossible to decrypt.
SSL initiates an authentication process called a handshake between two communicating devices to ensure that both devices are really who they claim to be.
SSL also digitally signs data in order to provide data integrity, verifying that the data is not tampered with before reaching its intended recipient.
There have been several iterations of SSL, each more secure than the last. In 1999 SSL was updated to become TLS.
Why is SSL/TLS important?
Originally, data on the Web was transmitted in plaintext that anyone could read if they intercepted the message. For example, if a consumer visited a shopping website, placed an order, and entered their credit card number on the website, that credit card number would travel across the Internet unconcealed.
SSL was created to correct this problem and protect user privacy. By encrypting any data that goes between a user and a web server, SSL ensures that anyone who intercepts the data can only see a scrambled mess of characters. The consumer's credit card number is now safe, only visible to the shopping website where they entered it.
SSL also stops certain kinds of cyber attacks: It authenticates web servers, which is important because attackers will often try to set up fake websites to trick users and steal data. It also prevents attackers from tampering with data in transit, like a tamper-proof seal on a medicine container.
Microsoft Dynamics CRM Web Service - old post 2018
Meet Jerry, he is wondering about dynamics crm services, In this blog I am helping him to understand when he should use which dynamics CRM web service.
Let’s first understand how many services dynamics crm offers post which will discuss which service to be used when:
Web API
Organization Service
Organization Data Service
Discovery Service
Deployment Service
Web API
WebAPI is fairly new for dynamics CRM and i see many developers havent touched upon it. You should be using WebAPI Service while doing Client side development(preferably) such as Javascript, HTML etc. At this point its not easy to use WebAPI on server side but i am sure it will be possible in coming updates. Web API uses ODATA (Open data protocol). It also doesnt need any dynamics CRM related libraries or assemblies. You perform CRUD operation using XmlHttpRequests.
Organization service
Organization service is basically a SOAP endpoint of dynamics crm and have been available since dynamics crm version 2011. This Service has to be used with .Net Framework and for Business logic that runs in plug-ins or workflow assemblies on the server expect to use the Organization service.( So nothing client side). To work with Organization you have to use microsoft dynamics crm SDK i,e provided libabries and assemblies to interact with dynamics crm.
Organization Data service
It is also known as Odata service for dynamics crm which is Infact nothing but a “REST” Endpoint. You can utilise Odata endpoint in C# code( a server side code as well) but it is widely used for for client side scripting using javascript. However this has been deprecated with the release of dynamics crm 365 which means it is no longer supported. and completely replace with WebAPI.
Discovery web services
As the name suggest, this service should be used when you have mutiple CRM instances of dynamics crm in single deployment. You would use this service in your plugins ( the server side code) to get the current instance obtain the context.
Deployment web service
This service is barely used by developer as UI options are available. Such as Deployment manager etc. Use this service if you have create , delete or edit a dynamics crm organization/instance. Again its all server side.
Hi folks, In this blog i will demonstrate how to use External dll in CRM Online Plugin.
At first let me tell about storage options available in Microsoft Dynamics CRM (Online or On-Premise)
MS CRM Online: If you want to register plugin assembly in Dynamics CRM Online that is Sandbox mode(Partial Trust). You will have only one option available i.e "Database". You can't use other options available for storing assemblies.
Advantage: If you have Multiple Dynamics CRM environment then registering plugins in database is the best option as you can include it in solution and easily migrate from one instance to other.
Dis-Advantage: If you register plugins in Database you can't include external dll.
MS CRM On-Premise: If you are using Dynamics CRM on-premise instance then you will have other options to store assemblies like GAC or Disk.
GAC: If u register plugin in GAC, external dll can be included and also versioning is used, By using GAC Versioning we can avoid conflict of multiple assemblies.
Disk: You can use external dll. It will be stored in CRM Server bin folder. Debugging is easy if we use disk for storing plugins.
Now let us dig into the concept of merging dll's with an scenario.
Suppose you are using Dynamics CRM Online instance and you want to send data from CRM Online plugin to Third Party Web API, To achieve this you will be using some external dlls to serialize or deserialize the data.
For merging external dll, we can use "ILMerge".
ILMerge is used to merge multiple .Net assemblies into single assembly.
Step 1: Install ILMerge dll from the Nuget solution manager.
Install-Package MSBuild.ILMerge.Task
Step 2: Right Click on the external assemblies you have to merge.
Click Properties
Set Copy Local to True.
Finally Rebuild the solution.
By Default below assemblies will be set to true.
Microsoft.Xrm.Sdk.dll
Microsoft.Crm.Sdk.Proxy.dll
Microsoft.IdentityModel.dll
Register the updated assembly. It will work as charm.
In this blog post let us go through how we can enable Authentication and Authorization to the Power Pages site and its data
Once the Power Pages site is built then we need to control access to both data and pages to the users. Power Pages is using the Microsoft Dataverse Contact table in the backend to authenticate site users
Power Pages OOOTB Sign-in
Navigate to the Power Pages site
Click on the “Sign-in” link
You will be able to see the below screen which will have 3 different tabs
Sign-in
Register
Redeem Invitation
A picture shows the Sign-in page with different options
Sign-in
Sign in option allows the users to sign into your Power Pages site if they have registered already either as a local user or as an External Sign in (Azure AD).
Users can just enter the username and password to log in if they have registered as local users. If they are Dynamics 365 users (i.e., Azure Ad users) and they have registered already then, they can log in by just clicking the “Azure AD” button.
Note: Even though users are part of dynamics 365, to login to the Power Pages site they must register separately to login by using the “Azure AD” button
A picture shows local login and Azure AD sign in methods
How to Register
A picture is shown on “How to register”
Once users register with the details then they will get stored in the Microsoft “Contact” table. You can see them either by going to the “Contact” table from the Power Pages “Data” tab or Power Apps Portal Management’s “Contacts” tab under the Security section
A picture shows how to navigate and see the Dataverse “contact” table data
Redeem Invitation
The other option to enable/activate the user account for Power Page is by sending the Invitation to the user’s email address.
As an admin, you can do this by using the Power Apps Portal management app
Navigate to the Power Apps Portal management
Click on “Invitation” under the Security tab
Click on “+ New”
Type name of the user
Select whether the invitation is to invite a user or a group
Set the invitation expiration date
Select the contact from the “Inviter” tab or create a contact record and then Save
To send the invitation click on “Flow” and the “Send Invitation”
Once the invitation is sent the user can copy the code
Copied code can be put into the “Invitation Code” section under the “Redeem Invitation” tab
Click “register” to register and login to the website
A picture shows about the Invitation setupA picture shows – how to send the invitationA picture shows how to redeem the generated code
Point to keep in mind
Microsoft recommends that you use the Azure Active Directory B2C (Azure AD B2C) identity provider for authentication and deprecate the local identity provider for your portal
In the next episode let us see how the Permission model is defined in Power Pages.
