Help Center
Welcome to the WalkMe Help Center

Please login in order to continue:

Work flows better with WalkMe
Work flows better with WalkMe.

Workstation – CRM Dynamics Integration

Last Updated April 8, 2024

Brief Overview

Microsoft Dynamics 365 is a product line of enterprise resource planning (ERP) and customer relationship management (CRM) intelligent business applications.

Easily integrate the CRM application within WalkMe's Enterprise Search and the new My CRM Tasks widget.

Use Cases

  1. Enterprise Search: Search for 4 CRM Dynamics objects- Leads, Contacts, Accounts and Opportunities
  2. 'My CRM Tasks' widget: View and access open tasks using the 'My CRM Tasks' widget

Security Overview

The Enterprise Search uses 3rd-party integrations to implement a "federal search". Searches within Workstation are backed by an NLP engine, and a graph database that supports a great user experience.

Workstation Enterprise Search doesn't index 3rd-party data on an independently searchable database.

See below sequence diagram describes the searching algorithm:

Notes

  1. Cache layer saves results for a period of five minutes
  2. Each Adopter Service creates a unique identifier for the results which is meaningless without access to the 3rd-party and stores it in the graph database

3rd-Party Access and Refresh Tokens

To activate the Enterprise Search (and the Personalized Workspace widgets), each employee is required to grant Workstation permission to access the 3rd-party.

The granting process is using the OAuth2.0 protocol. Each time a new access token is granted to the Workstation, the application will encrypt the access and refresh tokens and store it in a remote database.

The encryption process includes a unique private key (“salt”) that is generated for each individual at the very first bootstrap and stored in the local machine Keychain. The salt is irreplaceable and not restorable – losing it causes the access tokens to be voided. This security measure is being taken to eliminate identity spoofing when accessing high-sensitive data.

See the diagram below to review the salt generation and storage flow.

Accessing 3rd-Party Content

Accessing 3rd-party content requires end-user consent, and in some cases, mostly on Microsoft products, an organization admin consent. End-users grant Workstation the necessary permission by approving an OAuth2.0 consent screen that is being triggered by them from the Workstation application (“Third-party apps”).

The third-party apps are being approved and verified by third-parties products. By the end of the granting process, the third-party apps provide access and refresh tokens that are used by the search engine to establish the requests.

See 3rd-Party Access and Refresh Tokens section above for more information about the storing mechanism.

While searching, the search engine forwards the request, before hitting the Adopter Service, through the Token Injector; a service that injects the relevant tokens to accomplish the request. The local private key is being handed off over the search HTTPS request for runtime decryption.

JWT Protection

When an end-user initiates a search query – the WalkMe enterprise search starts a search flow that is being protected by a JWT assigned by WalkMe IdP integration, as part of the end-user signing flow:

The JWT is proxying the user identity and keeping any HTTPS request secured and individual.

All Workstation requests are protected by a JWT validation.

  1. First, make sure that at-least one person connects CRM Dynamics from your organization. Follow the Installing CRM Dynamics on Workstation section below to learn more
  2. Then, as an Administrator – navigate to Azure Portal and connect with your Administrator account
  3. Once logged in, select Enterprise Applications
  4. Select All Applications and pick WalkMe for CRM Dynamics 
    1. It will appear the same as WalkMe for SharePoint flow in the images below, but the app name will be “WalkMe for CRM Dynamics”
  5. Select the Permission tab
  6. Click on Grant admin consent for {{your organization name}}
  7. Once clicked, a popup should appear (be aware if you have a popup disabler installed)
    1. If you're asked to sign in again, use your Administrator account
  8. Click Accept on the dialog, confirming organization users to installWalkMe for CRM Dynamics, for personal use
  9. Once granted, you'll see a confirmation for each permission on the Application page
    1. Permission required for CRM integration:

Connecting CRM Dynamics on Workstation

  1. Navigate to the Workstation Integrations page in the WalkMe Console:
    1. US Database: https://console.walkme.com/workstation/integrations
    2. EU Database: https://eu-console.walkme.com/workstation/integrations
  2. Find the CRM Dynamics integration and click Setup
  3. Enter the Sub domain that was assigned to you by CRM Dynamics
    How to find your sub domain...

    The subdomain is part of the URL, for example: https://org31ec4237.crm4.dynamics.com/ the sub domain will be org31ec4237.crm4

  4. Click Save and Enable
  5. Open Workstation by clicking on the widget (on Windows)/ the WalkMe icon (on the Mac menu bar) or by hitting hitting ctrl/cmd+shift+E
  6. Click the Settings icon on the bottom-left corner
  7. On the Integrations tab, click Connect on the CRM Dynamics card

Was this article helpful?

Thanks for your feedback!

Be part of something bigger.

Engage with peers, ask questions, share ideas

Ask the Community
×