I'm trying to access data from our on-premise Dynamics (v8) via OData WebService using RestSharp / System.Net.Http but in this case, I'm kind of stuck. I fiddled around a couple of days now and the problem seems to be somewhere around the authentication but I don't know what I'm doing wrong.
The URL I'm sending a GET-Request to is https://host.fqdn/systemenv01/api/data/v8.2/$metadata using a valid Windows domain user account that is able to log on to the dynamics normally. When I try this in Firefox or the latest version of Postman (v7.36) using NTLM-Auth I get a proper metadata XML as the result.
But when I try the same using RestSharp or simply System.Net.Http I only get an HTTP401-Unauthorized as a response. What I tried to do is setting the user credentials as NetworkCredentials like
var client = new RestClient(Url);
var request = new RestRequest(Method.GET);
client.FollowRedirects = true;
client.Timeout = -1;
client.PreAuthenticate = true;
request.Credentials = new NetworkCredential(User, Password);
but this doesn't seem to make any difference at all. Interestingly the response contains a header with the name "WWW-Authenticate" and the value "Negotiate some.encrypted.string" but I don't know what I should use this for. Would be great if someone could help me get this solved! Thanks in advance!
I found something very interesting:
The authentication works perfectly when I replace the domain name of the Dynamics system with its IP address.
I do not know this for sure but this domain is below the TLD
.devwhich has HSTS activated by default.I even tried connecting using another FQDN from another TLD (which was
.net) and this worked perfectly as well.Therefore I conclude the issue is originated in the configuration and handling of HSTS.