
Dynamics CRM Portal OData Feed - Potential Security Breach Scenario

In one of my previous blog posts, I explained how to retrieve data from CRM to the Portal using OData.

OData is the simplest way to retrieve a list of CRM records in the Portal, but if you are not aware of the do's and don'ts, you may face serious consequences.

If we read the Microsoft documentation carefully, it says:
The OData feed that is published is anonymous and does not have any authorization checks; therefore, it is important not to enable oData feeds for data that is unsuitable for anonymous portal access.


So there is no way to add a check on the portal side for whether the user requesting the feed is authenticated.

To conclude:
Do not expose any sensitive data from Dynamics CRM to the portal via OData using the Entity List configuration.

Where to use oData:
Use it when the data to be displayed on the portal is not sensitive, such as a list of products on an e-commerce website or a blog feed.

Alternate Solution for sensitive data:
The best way is to use a Liquid template to get the data. I've explained this process in one of my previous articles. Below is the link
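
As an added illustration of the Liquid approach (this is not the code from the linked article), the web template below only queries CRM when a portal user is signed in and scopes the query to that user's own records. The `incident` entity, its attributes and the `customerid` filter are assumptions chosen for the example.

```liquid
{% comment %}
  Added example, not the original author's code.
  Assumed: entity "incident", its attributes, and the customerid filter.
  The `user` object is null for anonymous visitors, so the query below
  is never issued unless someone is signed in to the portal.
{% endcomment %}
{% if user %}
  {% fetchxml my_cases %}
    <fetch mapping="logical" count="25">
      <entity name="incident">
        <attribute name="ticketnumber" />
        <attribute name="title" />
        <attribute name="createdon" />
        <order attribute="createdon" descending="true" />
        <filter type="and">
          <!-- Return only records owned by the signed-in contact -->
          <condition attribute="customerid" operator="eq" value="{{ user.id }}" />
        </filter>
      </entity>
    </fetch>
  {% endfetchxml %}

  {% assign rows = my_cases.results.entities %}
  {% if rows.size > 0 %}
    <ul>
      {% for row in rows %}
        {% comment %} Escape CRM values before writing them into HTML {% endcomment %}
        <li>{{ row.ticketnumber | escape }}: {{ row.title | escape }}</li>
      {% endfor %}
    </ul>
  {% else %}
    <p>No cases found.</p>
  {% endif %}
{% else %}
  <p>Please sign in to view your cases.</p>
{% endif %}
```

Unlike the OData feed, nothing is returned to an anonymous request here, and a signed-in user cannot widen the result set because the filter value comes from the server-side `user` object rather than from the request.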

Hope this gives insight into the problem and solution.
