Unanswered

Power Platform Build Tools Authentication with Service Principal failed

(0) Share

Report

Posted on by Kengie

Hi Team,

I'm having trouble to use the Service Account connection using the Power Platform Build tools to connect to my instance. I'm using the Service Account credentials and the App has been successfully registered in the AAD and verified using Postman with the correct permissions as an Application User with the role of Admin on the instance. I am using Authentication type with the option of Service Principal/client secret.

Attached is the DevOps step that failed.

Thanks in advance.

Regards,

Kengie

Categories:

Power Apps Pro Dev & ISV

tasklog_7.zip

I have the same question (0)

All responses (2)

Answers (0)

David Jenni Microsoft Employee on at

Like (0)

Report

I can't make sense of the AAD error you're seeing, the puzzling part is why the ADAL lib is falling back to anonymous authN?
Please try to repro with this simple console app (it can authenticate with either username/password but also with appID/clientSecret. It also writes out a more detailed CrmServiceClient & ADAL log. Please try to repro with your PP environment and your credentials, ideally both locally on your dev environment and in a Azure DevOps pipeline (I'll try to add a sample pipeline to that repo below later today):

Simple console app to connect to CDS:
https://github.com/davidjenni/D365-OrgServiceSample

Was this reply helpful? Yes No
Kengie 5 on at

Like (0)

Report

I have download and execute the https://github.com/davidjenni/D365-OrgServiceSample and attached the logs for your review.

The error i'm getting from the Sample App is:
Microsoft.Xrm.Tooling.Connector.CrmServiceClient Error: 2 : Invalid Login Information : The HTTP request was forbidden with client authentication scheme 'Anonymous'. Source : mscorlib Method : HandleReturnMessage Date : 11/12/2020 Time : 11:16:45 AM Error : The HTTP request was forbidden with client authentication scheme 'Anonymous'. Stack Trace : Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.Xrm.Sdk.IOrganizationService.Execute(OrganizationRequest request) at Microsoft.Xrm.Sdk.WebServiceClient.WebProxyClient`1.ExecuteAction[TResult](Func`1 action) at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.RefreshInstanceDetails(IOrganizationService crmService, Uri uriOfInstance) at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.DoDirectLogin(Boolean IsOnPrem) at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.InitCRM2011Service()

The only changes I made in the sample is my client id and the tentat id.

Thanks for taking a look.

Debug.zip

Was this reply helpful? Yes No