Forum Discussion
Microsoft Dynamics 365 Portal SSO
Hi
Just wondering if anyone here has successfully setup SAML2.0 federation with Microsoft Dynamics 365 Portals?
This document doesn't specifically mention F5, but I dont' see why it wouldn't work.
https://docs.microsoft.com/en-us/dynamics365/customer-engagement/portals/configure-saml2-settings
I have created the site settings similar to AzureAD and shibboleth
Authentication/SAML2/F5/AssertionConsumerServiceUrl - https://samltrialf5.microsoftcrmportals.com/signin-saml2
Authentication/SAML2/F5/AuthenticationType - https://sts.myidp.com.au/idp/portal
Authentication/SAML2/F5/Caption - MyIDP SSO
Authentication/SAML2/F5/MetadataAddress - https://sts.myidp.com.au/idp/f5
Authentication/SAML2/F5/ServiceProviderRealm - https://samltrialf5.microsoftcrmportals.com/
When I go to the portal site and click sign in, I can see an external account option of "MyIDP SSO". However when I click on the button I get a HTTP 500 error from Microsoft "We're sorry, but something went wrong"
The metadataAddress currently doesn't actually contain the federationMetadata file from the F5, so I plan on hosting that using an iFile and updating that site setting to see if that might be causing the issue.
I just wanted to see if anyone here had been successful in federating with D365 Portals?
Cheers,
Simon
- raZorTTCirrostratus
So i've managed to get this working 🙂
To get more information about why portal was seeing an error I had to remove the custom error page. After that I got the .net yellow screen of death (YSOD) which lead me to a certificate error, and a validation error which required me to make the F5 metadata xml file available to download.
https://docs.microsoft.com/en-us/dynamics365/customer-engagement/portals/view-portal-error-log
Just in case anyone else tries this, these are the values for the site settings
Authentication/SAML2/F5/AssertionConsumerServiceUrl - https://{yourportalURL}/signin-saml2 Authentication/SAML2/F5/AuthenticationType - The Local IdP Service EntityID on the F5 Authentication/SAML2/F5/Caption - A label that will be applied to a button on the signin page Authentication/SAML2/F5/MetadataAddress - The Local IdP Service metadata file in a downloadable location Authentication/SAML2/F5/ServiceProviderRealm - https://{yourportalURL}/
Cheers, Simon
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com