Overview
You may want to utilize integration options between Playbooks and MS Dynamics that do not use credentials to establish the connection; this is needed to enhance the security of your data.
Information
For integration with MS Dynamics, Playbooks currently utilizes the OAuth 2.0 Resource Owner Password Credentials (ROPC) grant, which allows an application to sign in the user by directly handling their password, which is stored in Playbooks Cloud.
We are aware that Microsoft does not recommend this and instead recommends the use of Microsoft Authentication Libraries (MSAL) to acquire tokens and call secured web APIs, and that the following warning is posted on Microsoft's documentation page for OAUTH 2.0 ROPC:
Microsoft recommends you do not use the ROPC flow. In most scenarios, more secure alternatives are available and recommended. This flow requires a very high degree of trust in the application, and carries risks which are not present in other flows. You should only use this flow when other more secure flows can't be used.
Please note that the feature to use integration options that do not use credentials (like MSAL) to connect to Dynamics CRM is currently not available in Playbooks; it has been logged as enhancement and will be considered for future releases.
<supportagent>
Legacy enhancement JIRA: PB-3393
</supportagent>
Priyanka Bhotika
Comments