❌How to Fix the ‘Client Authentication Scheme Anonymous’ Error in Dynamics 365

If you’re working with Dynamics 365 Integration (CRM) , there’s a good chance you’ll run into this common error. This issue typically occurs when your app registration or service client (such as a WCF service, plugin, or console application) is not properly authenticated in Dynamics 365. Additionally, Dynamics 365 will reject access if the app user does not have sufficient privileges, even if authentication succeeds.

System.ServiceModel.Security.MessageSecurityException: 'The HTTP request was forbidden with client authentication scheme 'Anonymous''.

How to Solve

This can be solved by giving your app registration access to dynamics 365 security role.

Step 1 : Go to https://admin.powerplatform.microsoft.com/manage/environments

Step 2 : Select your environment by clicking Manage option and then select your environment which you are trying to connect.

Step 3 : Click on settings.

Step 4 : Under Settings -> Users + Permissions -> Application Users

Step 5 : You have to add the app registration client id here so that it can access dynamics 365 as a app user and then giving sufficient security roles.

Step 6 : Enter your client Id here. You can also search with name.

Step 7 : Select your business unit with name and then select security role and save.

Note: Always follow the principle of least privilege when configuring access for an app user. Assign only the necessary permissions required for the app to function. Avoid granting full or system administrator privileges unless absolutely required for the scenario.

And thats it !! Now you can authenticate your application and the issue is resolved.

Neeraj Agrawal

Senior Power Platform Consultant with deep expertise in customization, optimization, and integrations. Committed to giving back to the CRM community by breaking down complex concepts, sharing real-world insights, and helping others succeed with Dynamics 365 & Azure.