Developing a custom application for Microsoft CRM 2011, I ran into a frustrating issue that took a lot of time and investigation to resolve. During creation of the ServiceProxy object in my code, I kept getting an exception with authentication:

System.NotSupportedException: The authentication endpoint Username was not found on the configured Secure Token Service! at Microsoft.Xrm.Sdk.Client.IssuerEndpointDictionary.GetIssuerEndpoint(TokenServiceCredentialType credentialType) at Microsoft.Xrm.Sdk.Client.ServiceConfiguration1.Authenticate(TokenServiceCredentialType endpointType, String appliesTo, String keyType, IssuerEndpointDictionary issuerEndpoints, ClientCredentials clientCredentials, SecurityToken securityToken) at Microsoft.Xrm.Sdk.Client.ServiceConfiguration1.Authenticate(TokenServiceCredentialType endpointType, String keyType, ClientCredentials clientCredentials, SecurityToken securityToken) at Microsoft.Xrm.Sdk.Client.ServiceConfiguration1.Authenticate(ClientCredentials clientCredentials) at Microsoft.Xrm.Sdk.Client.ServiceProxy1.AuthenticateCore() at Microsoft.Xrm.Sdk.Client.ServiceProxy1.ValidateAuthentication() at Microsoft.Xrm.Sdk.Client.ServiceContextInitializer1.Initialize(ServiceProxy`1 proxy) at Microsoft.Xrm.Sdk.Client.OrganizationServiceContextInitializer..ctor(OrganizationServiceProxy proxy) at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.CreateCore(Entity entity)

This was very frustrating, especially since I was getting the error from some machines but not others, from both inside and outside of the perimeter firewall. Needless to say, this was confusing because the code was obviously solid and working from some workstations/servers but not from others with no rhyme or reason.

As it turned out, this was actually a problem with the ADFS server configuration. Here is the resolution that worked for our setup:

  1. Manage the ADFS server.
  2. Go to ADFS > Service > Endpoints.
  3. Find the URL path for /adfs/services/trust/13/username of type WS-Trust 1.3.
  4. Modify it so that it has a value of Yes for both the “Enabled” and “Proxy Enabled” settings.

Our configuration was only “Enabled” and not “Proxy Enabled.” Doing this and bouncing the ADFS server resolved the problem immediately. I still have no idea why it was working from some servers and not others, but now it is working from all machines!

Are you struggling with CRM configuration, optimization, or upgrading? We are specialists! Learn more about eimagine’s Microsoft Dynamics CRM experience.

Like this post? Share it!