Server-to-Server (S2S) Authentication with Dynamics 365 – Part 1


With server-to-server (S2S) authentication, external services like web applications can seamlessly and securely connect to Dynamics 365 in a controllable manner. Typical scenarios for this service are third-party applications and internal customer applications that need to integrate with Dynamics 365 data.


  • Visual Studio 2015 with web developer tools installed
  • A December 2016 update for Microsoft Dynamics 365 (online) tenant associated with your Azure Active Directory (Azure AD) tenant.

Create an MVC web application

Using Visual Studio 2015, create a new MVC web application and register it with your Azure AD tenant.

  • Open Visual Studio 2015, Click New Project and select .NET Framework 4.6.1 and the ASP.NET Web Application template.
    Click OK, and in the New ASP.NET project dialog select MVC.
  • Click the Change Authentication button and select Work and School Accounts. s2sauth_01
  • Select Cloud – Multiple Organizations and click OK

    if you get the following error “Error: The user account ‘’ doesn’t have the required permissions to access the domain ‘’.” make sure your visual studio is singed in with the same credentials you are trying to use to connect to Azure AD.

  •  if you navigate to under App Registrations you will see the app created by Visual Studio.
  • You will need to give you app access to your Dynamics 365 data.
    • Under API Access area click Required permissions
    • Click Add -> select API -> Dynamics CRM Online and click select
    • Click Done to save permission changes
  • Run your MVC application and you will be prompted to login using your Online credentials.

Leave a Reply