Nishant Rana's Weblog

Live Chat using ProProfs Chat in Dynamics 365 CE (CRM)

ProProfs chat is another live chat solution that integrates with both Dynamis 365 CE as well as CRM On Premise. Recently I wrote about PowerChat which is another live chat solution that works on both online and on premise version of Dynamics CRM.

In this post we’d see how quickly we can setup the integration and be up and running and also compare it with PowerChat.

Navigate to https://www.proprofs.com/chat/integrations/microsoft-dynamics/ to get the details and click on Try Chat Free to get started.

After creating the account, go to Integration option and select Microsoft Dynamics and set the toggle switch on.

Specify the Dynamics CRM URL, Dynamics CRM Account, on-premise or online and should lead, contact and case should be auto created or not.

Once enabled, go to Installation option and copy the code and paste it on the website or page.

As soon as the visitor starts the chat, the agent will receive the Invite.

The agent can see the details of the visitor like location, device etc.

The customer can end the chat and give rating as shown below.

The agent gets the notification that user has ended the chat.

As configured, we can see the case, lead and contact record created in Dynamics 365 CE, with description having the chat transcript.

To add agents, we can choose the Add Operator option

Routing order gives the option of specifying the sequence of operator accepting chats if chat routing is enabled. Similarly, visitor can select the operation they want to interact with as specified by Allow Operator Selection option.

For different business units having different websites/ pages, we would want them to be served by different operators, herein we can use Departments.

Department will have a code which we need to place under the ProfProfs Chat code to send chat to that specific department.

Also, for Admin, there are Reports available Summary, Rating, Operator, Timesheet, Visitor.

Theme settings à

Chat Window Settings à

Real Time Monitoringà

Comparing the ProProfs Chat with PowerChat with regards to Dynamics CRM integration à

PowerChat provides a managed solution that we import inside our Dynamics CRM, then we register through the configuration page of that solution to get started. In case of ProProfs there is no solution file. We register at their site.
PowerChat Users are Dynamics CRM Users and can chat with visitors from within Dynamics # CRM. In ProProfs Chat, the operators are not the crm users and their account needs to be created / added separately.
PowerChat allows different Chat Widgets to be created, to be used in different web pages or web sites. Agents can be associated to the Chat Widgets. In ProProfs Chat, there is concept of Departments to achieve the same.
PowerChat allows agents the option to create lead/ contact/case records manually during the chat. In ProProfs Chat, the lead /contact/ case records are auto created based on the configuration, we can select which records to be created.
PowerChat auto creates PowerChat Activity record for each chat which has all the details of the chat. ProProfs Chat doesn’t create any other records expect lead/contact/case inside Dynamics CRM.
They both have the option of configuring the chat windows, fields to be added, snippets to be reused during chat, multi agent support.
PowerChats is natively integrated with Dynamics CRM, so the CRM Users do not have to be working on 2 different applications. However, ProProfs brings in with it lot more features like routing chat to another operator, co-browsing, APIs support, Reports, Real Time Visitor monitoring etc.

Check the guide here to see all the features

https://chathelp.proprofs.com/home

Hope it helps..

Enable Live Chat in Microsoft Dynamics 365 CE (CRM) using PowerChat

PowerChat is the live chat solution / addon developed by PowerObjects that supports both Dynamics CRM On-Premise and Online.

Below we will look at how to set it up and what are the features it provides.

To get started

Download the appropriate solution

https://www.powerobjects.com/powerpacks/powerchat/

After successful import of the solution, next step is to register the solution. For this, open the solution and click on the configuration page, provide the required details in the Profile and Setup tab.

In Setup tab, provide the Cloud Location nearest to your deployment.

The PowerChat solution adds the following entities in the sitemap.

and the following security roles

In Agents i.e. agent record we can specify the System User who would be working as agent and topics they are working on.

Topic, Agent and Widgets work hand in hand. We can have multiple topics defined in the system and for each topic we can define the agents who’d be handling that topic along with the widget that will be used for that topic.

Widgets specifies the Chat Interface that would be deployed in the website. Clicking on Design opens the design interface for the widget.

Below are some of the different options that can be configured for the chat widget.

Once we are done with the configuration of the chat widget, we need to click on GENERATE SCRIPT ribbon button to get the script for the widget which we will be embedding to our websites.

Below is the script generated à

Below is the sample website where we have embedded the above script

Back in CRM, users need to click on Power Chat and start the PowerChat for communication to begin.

Power Chat interface à

Once the user clicks on Chat Now button on the Chat window, the agent gets the notification to Accept the chat.

Below is how the communication looks like for the agent as well as the customer. The green bubble below is the timer that captures the duration of the chat.

The agent also has the option of creating the lead, contact and case record associated with the chat. Create Lead and Create Contact option creates the lead and contact record in the background using the information auto populated at the Visitor Input section on the right panel.

Create Case option allows agent to specify the Case Title and Description along with the Contact Name.

Agents and Customers both have the option to end the chat, the customer also have the option to rate the agent when they close the chat.

Every interaction creates PowerChat activity record in Dynamics CRM as shown below, which records the chat history, rating, duration etc. information about the chat.

Agent can also set their status, if the agent is in Away or Busy status it will not receive the notification to accept the new chat.

As we discussed earlier if we have multiple agents configures for same topic, they both will get the notification to accept the chat as shown below.

Also, Agent has the option of adding another agent to the chat.

The invited chat agent can either accept or decline the request.

Below is how the communication looks like when we have multiple agents working with the same customer. Both the users are communicating with the Customer at the same time as shown below.

One more feature that agent has while interacting with the customer is to use the snippet, which basically defined predefined content which agents can use.

Thus, we saw how easy it is to configure the PowerChat and get started with Live Chat capabilities in no time.

Few months back we had also explored PowerApproval the approval solution for Dynamics CRM as part of PowerPacks add-on. Do check it out.

https://nishantrana.me/2019/01/02/implementing-multi-level-approval-using-powerapproval-in-dynamics-365-ce/

Hope it helps..

Out of preview – New Model-Driven form designer (WYSIWYG) in PowerApps

Finally the new model-driven designer is out of preview and available for general use

https://powerapps.microsoft.com/en-us/blog/announcing-the-general-availability-of-the-new-model-driven-form-designer/

Since I wrote about it last the few changes that we can see are

New Field button that allows adding Lookup Fields. However I still don’t see the option of Option Set fields there.

Form

Grouping of Components Section

Form

Preview for the components

Form

Looking forward to see all the remaining features that are part of our classic Form Designer like addition of Business Rules, Show Dependencies, Enable Security Roles etc. to be part of the new designer.

Below are the previous blog posts that I wrote about the new model driven apps while it was still in preview –

https://nishantrana.me/2019/08/19/subgrid-quickview-linear-gauge-arc-knob-linear-slider-controls-added-in-new-model-driven-form-designer-wysiwyg-in-powerapps/

https://nishantrana.me/2019/08/05/sub-grid-added-to-the-new-model-driven-form-designer-wysisyg-in-powerapps/

https://nishantrana.me/2019/05/27/few-improvements-in-new-model-driven-form-designer-wysisyg-preview-in-powerapps/

https://nishantrana.me/2018/12/24/the-new-model-driven-form-designer-wysisyg-in-powerapps-for-model-driven-apps-dynamics-365-ce-preview/

Hope it helps..

Performance testing Dynamics 365 CE using StresStimulus

Recently we were evaluating StresStimulus, the load testing tool, for our performance testing requirements. The tool is quite user friendly and intuitive and in a matter of few minutes (and few clicks), we were up and running.

Get the tool (trial) here

https://www.stresstimulus.com/download

Install it with the Fiddler Add-On (recommended) option checked. It also has stand alone tool along with the fiddler add-on,

Once installed, open the fiddler, go to StresStimulus tab and click on Record Test Case …

This opens us the Test wizard from us, here we have selected Web Browser – Chrome as the recording source for Dynamics CRM.

Specify the Dynamics CRM URL and other options as required and click on Record

During recording we can specify various transaction, or basically events that we are capturing inside the recording toolbar. Here clicking on Start Recording will open Chrome for us with Dynamics CRM URL specified. We have specified “Login” in the transaction box to capture set of actions specific to login.

After login, we want to capture creation of Contact Create, we can specify the same in Recorder tool bar and continue creating the contact record in CRM.

Similarly, we can record other events, once done, click on Stop to stop the recording.

Do check out this post à

https://community.dynamics.com/crm/b/crmperformancetesting/posts/performance-testing-dynamics-crm-365-scenarios

On successful autocorrelation parameters are created we can configure our test case.

The first button gives us the option of removing the unwanted host by auto checking the hosts.

Click on delete to remove the unwanted hosts auto selected for us.

Next we are presented with the option of selecting the content types to include in the test case.

Followed by Server authentication credentials. (in our case we ignored it)

As the last step we can verify the test case, which replays the test case to check for any errors, before we can save it or run it.

Next after successful verification, we can define Load Pattern and Number of VU (Virtual user)

Here we have specified Steady Load with 50 Users. The other options available are Step Load, Peak Load and Custom Load. We can request trial to receive 7 day license, which allows us to specify 50 VU, else the download version is limited to 3 VU.

We are leaving the Test Duration values as default

Same for the think time i.e. 2 minutes.

Finally, we can click on Run Test to run our test configured. We can also run the test from Run and Monitor Test Options

We can see our Test Run in action

Once the test run completes, we are presented with the Test Summary

Graphs tab

Details Tab

VU Activity Tab

Back in CRM we can see the records created as a part of test run.

We can also compare results of different test run.

Below is our multi-test report.

Same report in Graph Form.

Get all the details here

https://www.stresstimulus.com/load-testing-tool/dynamics-crm-performance-testing

Hope it helps..

OAuth 2.0 with Dynamics 365 CE Web API

OAuth can be defined as delegation or authorization protocol.

The resource owner who owns the resource is allowing an application to access that resource on their behalf without impersonating the resource owner.

The application first requests for the authorization from the resource owner and receives the token using which it can access the resource.

Here the token specifies the delegated rights that the client application will have.

Below are the main components that are involved in OAuth.

Resource Owner	In most of the cases it is the user who has access and can delegate access to the Web API. In Dynamics CRM context it can be the CRM User.
Protected Resource	Web API of Dynamics 365 CE
Authorization Server	Trusted by protected resource (Dynamics CRM) to issue Access Tokens to Clients, which the client can then use to access protected resource (Web API). Azure Active Directory (Azure AD) in this case. Resource Owner authenticates to the Authorization server, so the credentials are not exposed to the client.
Client	3^rd party application that wants to use the Dynamics 365 Web API on behalf of the Resource Owner (CRM User).

There are several different kinds of grant type or flow that exist in OAuth for getting the access token.

OAuth 2.0 Authorization Grant Type

The below image wonderfully explains it in the context of Dynamic 365 Customer Engagement.

The resource owner (CRM User) opens the Client Application in the User Agent (Browser)
Client Application asks the resource owner to authorize at the authorization server.
Resource Owner authenticates and grants authorization to the Client. Authorization server gives authorization code to the Client.
Client uses this authorization code along with its own credentials to request access token from authorization server.
Client receives the access token that it uses to use the protected resource i.e. Web API.

As the user’s authenticates using his credentials with the authorization server, this information is not accessible to the client application, thus protecting user from sharing the credentials with the Client Application. Along with Access Token, we have Scope in OAuth 2.0 basically set of rights for the protected resource, which provides the mechanism for limiting the access granted to the client application. Also Refresh Token which is to be used when the access token has expired or stopped working. Client asks for the Refresh token from the Authorization Server and then uses this new token to access the protected resource.

Check out the below blog post for further details

https://nishantrana.me/2019/08/25/connect-to-dynamics-365-web-api-using-oauth-2-0-authorization-code-grant-type/

Implicit Grant Type

Implicit Grant Type is for the client applications that can’t keep any secrets from the browser, a JavaScript Application running completely inside the browser. So instead of authorization code, in implicit grant, the authorization server returns the access token.

Few limitations of this flow are first it can’t keep the secret as it will be available to the browser, also this flow cannot be used to get the refresh token as the session is limited to the browser context.

The client sends the request with request_type as token (instead of code in case of Authorization Grant) to the Authorization Endpoint of the Authorization Server.
The resource owner authenticates and authorizes the client.
The authorization server generates the token, attaching it to URI fragment of the response.

https://nishantrana.me/2019/08/27/connect-to-dynamics-365-web-api-using-oauth-2-0-implicit-grant-type-through-postman/

https://nishantrana.me/2019/08/28/connect-to-dynamics-365-web-api-using-oauth-2-0-implicit-grant-type-through-single-page-apps/

Client Credentials Grant Type

Client Credentials Grant Type is for scenario when we do not have any explicit resource owner (or user) like a back-end system or CRON job running on the server. As there is no user involved to delegate the authorization, client acts as the resource owner.

The client application requests the access token directly from the token endpoint of the Authorization Server with grant_type as client_credentials.
The authorization server issues the access token to the client.

https://nishantrana.me/2019/08/24/connect-to-dynamics-365-web-api-using-oauth-2-0-client-credentials/

Resource owner credentials grant type

The client application prompts Resource Owner for username and password.
Client application uses this information to request access token (with grant_type as password) from the Token Endpoint of the Authorization Server.

Here the disadvantages are that the credentials are exposed to the client application, and also the same is passed in plain text to the authorization server. This grant type is only recommended to be used for the legacy applications to bring them into the OAuth world, wherein they can work with access token, scopes etc. One good thing about this flow is that the password is exchanged only first time when requesting the access tokens, instead of every request.

https://nishantrana.me/2019/08/23/connect-to-dynamics-365-web-api-using-oauth-2-0-resource-owner-password-credential-ropc/

Decision Tree for the choosing the right grant type

Recommend read –

https://auth0.com/docs/api-auth/which-oauth-flow-to-use

https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-flows-app-scenarios#scenarios-and-supported-authentication-flows

https://debajmecrm.com/?s=oauth

Hope it helps..

Connect to Dynamics 365 Web API using OAuth 2.0 – Implicit Grant Type (through Single Page Apps)

In previous post we saw how to connect to Dynamics 365 Web API using Postman and Implicit Grant type, in this post we will be creating a single page html application and will use ADAL library in our JavaScript to call Web API using Implicit Grant Type.

While writing the single page application, we need to consider CORS. CORS – Cross-Origin Resource Sharing basically enables us to access resources that are in different domain and here the CORS support is only enabled for the Web API and not for the Organization Service. The Azure Active Directory Authentication Library (adal.js) that we will be using in our Single Page App will takes cares of all the CORS complexity for us.

To get started,

Create a new ASP.NET Web Application of type Empty Project.

Add an HTML page to it.

Add the reference to ADAL JS i.e. Azure Active Directory Library for JavaScript, which allows client application to get tokens on behalf of users using OAuth 2.0 Implicit Flow.

To make example easy to understand, let us add just 3 buttons and 2 DIV

Before we proceed further, login to Azure Portal and register the client application.

Copy the Client Id.

Specify the URL of the page that we are working on as the REDIRECT URI and also enable Access Tokens and ID Tokens required for implicit grant to work.

Back in our html page,

First step is to get the AuthenticationContext object.

To get the authentication context we can use the below line of code

Below is how we will specify the configuration details required by the AuthenticationContext.

postLogoutRedirectUri – ADAL redirects the user to postLogoutRedirectUri after logout. Defaults is ‘redirectUri’.
cacheLocation – ADAL caches tokens in the browser storage which defaults to ‘sessionStorage’. You can set this to either ‘localStorage’ or ‘sessionStorage’.

Read about all the configuration options here

https://github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Config-authentication-context

Login method will redirect the user to a new page for entering the credentials. If we want to remain in the same page and use popup instead, we can specify it in the popUp property of config.

To get the user details use the GetCachedUser() method of Authentication Context. The sign-in flow not only gets the token but also authenticates the user with Azure AD. The user.profile property contains the claims about the user.

User Profile è

AcquireToken method of AuthenticationContext to get the token and make the request

The getUserDetails method

The basic flow of the application à

Click on Login to authenticate. The message div indicates that there is no user information present in the cache.

Enter the credentials

This redirects back to the page, showing logout button and Get User GUID button and hiding login button. It also shows the Name of the user fetched from the profile.

user.profile.name

Click on Get User GUID to call the WhoAmI request and display the GUID of the user.

Finally click on Logout and select the account to sign out of.

On successful sign out we will be redirected to our page.

Back in our Fiddler below is the Request being passed to the Authorization end point.

response_type value of id_token value has been added by OpenID Connect. OpenID connect extends OAuth 2.0, by adding the authentication layer to it, by allowing the verification of the identity of the end user as well as to obtain basic information about the end user.

More on OpenId – https://medium.com/@darutk/diagrams-of-all-the-openid-connect-flows-6968e3990660

Source code

Hope it helps..

Connect to Dynamics 365 Web API using OAuth 2.0 – Implicit Grant Type (through Postman)

In the previous post we covered below grant type

here we’d be looking at the Implicit Grant Type.

Implicit Grant Type is for the “Public Clients”, client application that cannot keep the Client Secret, HTML or Angular app that communicates from the browser (through JavaScript) and have no server involved, therefore used for Single Page Application (SPA).

Instead of getting the authorization code from the Authorization Server like in case of Authorization Grant and then using the authorization code (along with Client Secret) to get the access token. In case of Implicit Grant, the client application directly requests for the access token from the Authorization Endpoint.

We need to pass the below details

response_type	token
client_id	Application ID
redirect_uri	http://%5Blocalhost%5D

to the Authorization URL à

https://login.microsoftonline.com/[tenantid]/oauth2/authorize

The redirect_uri must match against the one registered, this way the Authorization Server, makes sure that there are no unauthorized client applications requesting the token.

Some of the drawbacks are that the Access Tokens are exposed to resource owner in the URL and also there is no validation that the access token is meant for that particular client.

To get started à

For Redirect URI we will set the URL of the single page application which we will be developing later. So specify any valid URL there.

Enable the application for the Implicit Flow by setting oauth2AllowImplicitFlow as true from Manifest of the application.

Or from the Authentication section.

From Postman à

Go to Authorization tab and click on Get New Access Token button

Specify Grant Type as implicit, along with CallBack Url i.e. redirect_uri and the client id.

Here for the Auth URL, we should have the resource query parameter specified in the Authorization Endpoint which refers to our Dynamics CE Organization.

https://login.microsoftonline.com/bd88124a-ddca-4a9e-bd25-f11bdefb3f18/oauth2/authorize?resource=https://[org].crm.dynamics.com

Click on Request Token to get the access token.

Inside Fiddler: We’d see the following parameter being passed to the authorization endpoint.

Clicking on Request Token will open the popup for us to login and provide the consent.

The access token à

Let us try changing the Callback Url and send the request again

We’d get the below error

As was mentioned earlier –

The redirect_uri must match against the one registered in the application, this way the Authorization Server, makes sure that there are no unauthorized client applications requesting the token.

Hope it helps..

Fix – AADSTS700054: response_type ‘id_token’ is not enabled for the application -Dynamics 365 CE (Implicit Grant)

If we have not enabled the application to request an id_token directly from the Authorization Endpoint (while writing Single Page Application that uses Implicit Flow Grant), we would get the below error à

To fix it, go to Manifest of the application registered and set oauth2AllowIdTokenImplicitFlow to true.

Another option of setting this property is through Authentication à Advanced Settings section of the Application.

Similarly, if the application is expecting Access tokens i.e. token and if that is not enabled, we will get the below error

AADSTS700051: response_type ‘token’ is not enabled for the application.

To fix it à

Set oauth2AllowImplicitFlow: true

Hope it helps.

Connect to Dynamics 365 Web API using OAuth 2.0 – Authorization Code Grant Type

In the previous post we covered Password and Client Credentials grant type, here we’d be looking at the Authorization Code Grant Type.

The Authorization Code Grant Type is for the Confidential Clients i.e. basically for the server side web applications that are written in server side language and source code is not available to the public. So these application can use client secret when requesting token with authorization server. We can also have Single-Page Apps, who have their entire source available to the browser, and that cannot maintain the confidentiality of the Client Secret, use the same flow for getting the authorization code and in the step when requesting for access token pass only the client id and authorization code without using client secret.

In Authorization Code Grant Flow

The client application redirect the user agent to the Azure AD Authorization Endpoint.

Mainly it passes below values to the

response_type	code
client_id	Application Id
redirect_uri	Redirect URI specified.

Azure AD Authorization Endpoint

https://login.microsoftonline.com/[tenantid]/oauth2/authorize

The user authenticates and consents the client application

The Azure AD authorization endpoint redirects the user agent back to client application with an authorization code at the redirect URL (i.e. code query parameter)

The client application uses this authorization code to request the access token from the authentication token endpoint by passing resource, client_id, grant_type = “authorization_code”, code and redirect_uri as shown below.

The Azure AD issues the access token, which the client application can use to call the Web API.

For our sample code to work: –

First Register the Application with Azure Active Directory to get the ClientId.

Get the authorization and token end point. Navigate to Overview and click on Endpoint to get these endpoints.

Also specify a Redirect URI for the application.

Navigate to Authentication and select the suggested Redirect URI.

Below is the sample C# Code: –


static void Main(string[] args)
{
// Dynamics CRM Online Instance URL
string resource = "https://bankfabdemo.crm.dynamics.com";

// application id
var clientId = "eb17e844-adfc-4757-ba6d-5384108e184a";

// redirect URL
var redirectURI = "https://login.microsoftonline.com/common/oauth2/nativeclient";

// Authenticate the registered application with Azure Active Directory.
AuthenticationContext authContext =
new AuthenticationContext("https://login.microsoftonline.com/bd88124a-ddca-4a9e-bd25-f11bdefb3f18/");

AuthenticationResult authResult = authContext.AcquireToken(resource, clientId, new Uri(redirectURI));
var accessToken = authResult.AccessToken;

// use HttpClient to call the Web API
HttpClient httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Add("OData-MaxVersion", "4.0");
httpClient.DefaultRequestHeaders.Add("OData-Version", "4.0");
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);

httpClient.BaseAddress = new Uri("https://bankfabdemo.crm.dynamics.com/api/data/v9.0/");

var response = httpClient.GetAsync("WhoAmI").Result;
if (response.IsSuccessStatusCode)
{
var userDetails = response.Content.ReadAsStringAsync().Result;
}

}

Within Postman :

Click on Request Token, login and give consent à

The token à

Hope it helps..

Connect to Dynamics 365 Web API using OAuth 2.0 – Client Credentials

In the last post we learned about connecting to Dynamics 365 Web API using Resource Owner Password Credential (ROPC), here we’d be covering the Client Credentials grant.

Client Credentials grant is designed for the client applications who are the resource owner and when basically there are no users involved, a batch (cron) job or a service using Web API, running in the background, on the server is one such example.

Here we will not be using the authorization endpoint, and the client application will be sending its own credential, instead of impersonating a user, directly to the token endpoint. The benefit compared to basic authentication or API keys is that credentials are not being sent with every request, it is only sent while requesting the access tokens along with all the other benefits of using access token – stateless, fine-grained access control, access token lifetime etc.

Let us see an example of using the Client Credentials grant in our console application. Along with the Client Id that we got when we registered our client application in the Azure Active Directory, we would need the Client Secret.

Follow the below steps to generate the Client Secret

https://portal.azure.com

Select the application registered and click on Certificates & secrets option

Click on New client secret button to generate the client secret. Copy the generated client secret. Select the expiry as per the need.

Copy the secret generated and save it, as it won’t be available later when we are navigating here.

Also, we can get the Authentication Token Endpoint, for that navigate to Overview à Endpoints

And copy the OAuth 2.0 token endpoint.

Next step is to create the Application User within Dynamics 365 CE corresponding to the client application.

Set Application Id as the Client Id of the Application registered and specify other mandatory values and save the record.

Assign appropriate security role to the new application user added.

Sample C# Code à


static void Main(string[] args)
{
// Dynamics CRM Online Instance URL
string resource = "https://bankfabdemo.crm.dynamics.com";

// client id and client secret of the application
ClientCredential clientCrendential = new ClientCredential("eb17e844-adfc-4757-ba6d-5384108e184a",
"p.eS+MI9cXkO_gQ02_lMlUXVSVCujyU0");

// Authenticate the registered application with Azure Active Directory.
AuthenticationContext authContext =
new AuthenticationContext("https://login.microsoftonline.com/bd88124a-ddca-4a9e-bd25-f11bdefb3f18/oauth2/v2.0/token");

AuthenticationResult authResult = authContext.AcquireToken(resource, clientCrendential);
var accessToken = authResult.AccessToken;

// use HttpClient to call the Web API
HttpClient httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Add("OData-MaxVersion", "4.0");
httpClient.DefaultRequestHeaders.Add("OData-Version", "4.0");
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);

httpClient.BaseAddress = new Uri("https://bankfabdemo.crm.dynamics.com/api/data/v9.0/");

var response = httpClient.GetAsync("WhoAmI").Result;
if (response.IsSuccessStatusCode)
{
var userDetails = response.Content.ReadAsStringAsync().Result;
}

}

Within Fiddler à