OAuth: What, Why and How

What is OAuth?

In Short – OAuth helps to improve user security and provides support for options like multi-factor authentication (MFA).

OAuth is an open standard that is designed to provide access delegation to a third party to view resources and information of services commonly on the internet without a user providing their password. This means that an authorized service can provide limited/controlled access to a third party (like intelli-CTi™) with the approval of the owner of the resource.

This means that OAuth does not share the user’s password but instead uses authorized tokens to provide an identity between the third-party and the target resource.

Why intelli-CTi™ supports OAuth

intelli-CTi™ provides the use of OAuth to connect to Microsoft Dynamics 365 Online for a safer and more secure method of using the product (view below diagram for an overview). Additional benefits include support for multi-factor authentication, as well as no longer needing to store the user’s password.

intelli-CTi™ will ask for two basic delegations which include: signing in and reading the signed-in users’ profile, and user impersonation within Dynamics CRM. Since Microsoft Dynamics 365 supports and manages its users and user security roles, the required delegations of intelli-CTi™ are deliberately kept low. Once authorized, intelli-CTi™ will be acting as the signed-in user and that user’s security roles will be enforced as normal.

Simplified OAuth Process

How to enable OAuth within intelli-CTi™

The option to use OAuth can be found in the Service Connection Settings of the QGate Integration Service for Dynamics 365 within the QGate Breeze Configuration. By default, this option is unchecked.

OAuth is supported in v4.2 of intelli-CTi™ for Microsoft Dynamics 365, released in September 2019.

   
Further Information:

See the intelli-CTi Help Center User Guidelines for important considerations of use.