(Only for internet-facing installations)
Instructions to configure ADFS with a new OAuth2 client for use with Connector
To register a new OAuth2 client for automatic sync, run the following from an Administrative PowerShell prompt:
Add-ADFSClient -Name "oAuth2 Client for iSync" -ClientId "some-uid" -RedirectUri "https://isync.ienterprises.com/oauth2client/mscrm.php"
To register a new OAuth2 client for the Connector G-Suite add-on, run the following from an Administrative PowerShell prompt:
Add-ADFSClient -Name "oAuth2 Client for Connector" -ClientId "some-uid" -RedirectUri "https://script.google.com/macros/d/17V0Pk2A7VTevuNUbsgXMCnfgYIvN6pblZduRWjLNoNDlw5SzIem3o0Hi/usercallback"
Obtaining refresh tokens from ADFS
Refresh tokens are needed from ADFS to keep the login active. To enable them, run the following from an Administrative PowerShell prompt:
Set-AdfsRelyingPartyTrust -TargetName "RPT Name" -IssueOAuthRefreshTokensTo AllDevices
Set-AdfsRelyingPartyTrust -TargetName "RPT Name" -TokenLifetime 10
Set-AdfsProperties -SSOLifetime 480
This would issue access tokens with a lifetime of 10 minutes and refresh tokens to all clients with a lifetime of 8 hours.
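A read-back check for the client registrations and token settings above, as an added example that is not part of the original instructions. It assumes the client names and the "RPT Name" and "some-uid" placeholders used on this page, and compares the live ADFS configuration against the documented values.

```powershell
# Added verification example (not from the original page). Run on an ADFS server
# from an Administrative PowerShell prompt after applying the commands above.
$rptName     = "RPT Name"   # placeholder from this page; use your relying party trust name
$clientNames = "oAuth2 Client for iSync", "oAuth2 Client for Connector"
$findings    = @()

foreach ($name in $clientNames) {
    $client = Get-AdfsClient -Name $name -ErrorAction SilentlyContinue
    if (-not $client) { $findings += "Client '$name' is not registered"; continue }
    if (-not $client.Enabled) { $findings += "Client '$name' is disabled" }
    # "some-uid" is the page's placeholder; a real deployment needs its own unique ID.
    if ($client.ClientId -eq "some-uid") {
        $findings += "Client '$name' still uses the placeholder ClientId"
    }
    # Authorization codes are delivered to the redirect URI, so each one
    # should be an absolute HTTPS URL.
    foreach ($uri in $client.RedirectUri) {
        if (([uri]$uri).Scheme -ne "https") {
            $findings += "Client '$name' has a non-HTTPS redirect URI: $uri"
        }
    }
}

$rpt = Get-AdfsRelyingPartyTrust -Name $rptName
if (-not $rpt) {
    $findings += "Relying party trust '$rptName' was not found"
} else {
    if ($rpt.IssueOAuthRefreshTokensTo -ne "AllDevices") {
        $findings += "Refresh tokens are issued to: $($rpt.IssueOAuthRefreshTokensTo)"
    }
    if ($rpt.TokenLifetime -ne 10) {
        $findings += "Access token lifetime is $($rpt.TokenLifetime) minutes, expected 10"
    }
}

# SSOLifetime is a farm-wide ADFS property, not a per-trust setting.
$sso = (Get-AdfsProperties).SsoLifetime
if ($sso -ne 480) { $findings += "SSOLifetime is $sso minutes, expected 480" }

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "ADFS OAuth2 configuration matches the documented values."
}
```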