What is OAuth?
In Short – OAuth helps to improve user security and provides support for options like multi-factor authentication (MFA).
OAuth is an open standard that is designed to provide access delegation to a third-party to view resources and information of services commonly on the internet without a user providing their password. This means that an authorized service can provide limited/controlled access to a third-party (like intelli-CTi) with the approval of the owner of the resource.
This means that OAuth does not share the user’s password but instead uses authorized tokens to provide an identity between the third-party and the target resource.
Why intelli-CTi supports OAuth
intelli-CTi provides the use of OAuth to connect to Microsoft Dynamics 365 Online for a safer and more secure method of using the product (view below diagram for an overview). Additional benefits include support for multi-factor authentication, as well as no longer needing to store the user’s password.
intelli-CTi will ask for two basic delegations which include: signing in and reading the signed-in users’ profile, and user impersonation within Dynamics CRM. Since Microsoft Dynamics 365 supports and manages its users and user security roles, the required delegations of intelli-CTi are deliberately kept low. Once authorized, intelli-CTi will be acting as the signed-in user and that user’s security roles will be enforced as normal.
How to enable OAuth within intelli-CTi
The option to use OAuth can be found in the Service Connection Settings of the QGate Integration Service for Dynamics 365 within the QGate Breeze Configuration. By default, this option is unchecked.
OAuth is supported in v4.2 of intelli-CTi for Microsoft Dynamics 365, released in September 2019.