Multi-Factor Authentication (MFA) and CRM Connections

Having trouble connecting your CRM to AutoMerge? Maybe it’s multi-factor authentication…

Consider this scenario:

You have enabled MFA on your AzureAD tenant. The particular user you are using for AutoMerge to access your Dynamics CRM has MFA required. You attempt to enter your regular user & password combo into the CRM Connection Verify page and it fails. What are you to do next?

CRM Connection Verify Error
CRM Connection Verify

Since the AutoMerge service connects as a service, it cannot go through the Multi-Factor-Authentication step that we humans have to endure. Hence this error.

The work-around is App Passwords.  App passwords allows a service to authenticate without MFA. The caveat being that this is meant for a service to connect, and hence it can only access the service layer. Not the browser interface.

Microsoft’s documentation on App Passwords: 

And when you are ready to set up an App Password especially for AutoMerge service to use, you browse directly to:

Remember to copy/paste the password during the creation process because you won’t be able to view the password afterward.

App Password Dialog
App Password Dialog

Now back on the AutoMerge Verify Page, if you put the same user as before, but use the new App Password you just generated, everything should work fine:

CRM Connection Verify Success
CRM Connection Verify

Happy AutoMerging!