This documentation is archived and is not being maintained.

Walkthrough: Capturing Sample HTTP Requests

banner art

[Applies to: Microsoft Dynamics CRM 4.0]

Find the latest SDK documentation: CRM 2015 SDK

This walkthrough demonstrates how to take advantage of the strong typing of the Microsoft Dynamics CRM Web services to help determine the correct structure of the SOAP packets.

During this walkthrough you will learn how to do the following:

  • Install and use the Fiddler tool to intercept the HTTP traffic between your application and your Microsoft Dynamics CRM Server.
  • Create a simple .NET console application to perform actions on a test environment.
  • Use the information from Fiddler to create your SOAP envelope.
  • Test your code in the Microsoft Dynamics CRM application.

Download and Install Fiddler

Fiddler is a Web debugging proxy that logs all HTTP traffic between your computer and the Internet.

To install Fiddler

  1. Download Fiddler from and install it according to the instructions on the Web site.
  2. If you get an error that indicates that the underlying socket connection was closed, modify the OnBeforeResponse function within the Fiddler custom rules. To do this, in Fiddler, on the menu, select Rules, and then select Customize Rules. In the script editor, locate the onBeforeResponse function and paste the following code:
    var oS = oSession;
    var wwwAuth = 'WWW-Authenticate';
    if ((oS.responseCode == 401) &&(oS.oResponse[wwwAuth].indexOf("NTLM")==-1))
    { oS.oResponse["Connection"] = "close"; }
  3. Save the script.

Create a .NET Console Application to Perform Actions in a Test Environment

Use one of following walkthrough samples to build a .NET console application using the authentication method needed for your test environment. The client-side Microsoft Dynamics Web service calls that you create will work with either type of deployment.

For Microsoft Dynamics CRM Online you should use: Walkthrough: Using Passport Authentication

For Microsoft Dynamics CRM 4.0 use: Walkthrough: Using AD Authentication

These walkthroughs show how to create a console application to interact with the Microsoft Dynamics CRM Web services. After you have completed the walkthrough you can begin to use the Microsoft Dynamics CRM Web services.

Note    There are known issues when using Fiddler to capture traffic in an application using localhost or instead of the actual name of the server. Use the actual name of the server when calling the CRM Web services in your application. For more information, see

Use Fiddler to Intercept the HTTP Traffic between Your Application and the Microsoft Dynamics CRM Server

The walkthroughs include a validation step where a WhoAmI Message is executed to confirm that the authentication worked. The code is located in the Run method. The code looks like this:

// STEP 4: Invoke CrmService Web service methods.
        WhoAmIRequest whoRequest = new WhoAmIRequest();
        WhoAmIResponse whoResponse = (WhoAmIResponse)crmService.Execute(whoRequest);

The WhoAmI message is used with the CrmService.Execute method.

Turn on Fidder while you run the console application. After the console application has run, select Capture Traffic from the File menu in Fiddler to stop capturing traffic.

In the Web sessions area you will see four items as listed in the following table.


The first two items represent the HTTP traffic generated while your user account was authenticated. You can disregard them. When you include calls to Microsoft Dynamics CRM Web services in client-side code the application will take care of the authentication.

The second two items show the HTTP traffic that represented the WhoAmIRequest class and the resulting WhoAmIResponse class.

Result 401 (Unauthorized) represents a request that requires user authentication. Because your request had authorization it succeeded in the next attempt.

Result 200 (OK) represents the response to a successful request.

In Fidder, select the second 200 result that represents your successful request. Then, select the Session Inspector tab in the right side of the application. Select the TextView tab to see the full text that was passed with the request.

You only need to pay attention to the <soap:Body> element:

<Execute xmlns="">
<Request xsi:type="WhoAmIRequest" />

This represents the text you would need to include in your XMLHttp request to use this method.

Equally important is the response provided by the Microsoft Dynamics CRM Web Service. In Fiddler, while the 200 result is selected and with the Session Inspector tab is selected on the right side of the application, select the other TextView button above the lower panel. The Response text appears below. You only need to be concerned about the <Response> element.

<Response xsi:type="WhoAmIResponse">

This represents the values expected in the WhoAmIResponse.

Use the Information from Fiddler to Create Your SOAPXML

There are several steps in preparing the XMLHTTP object that you will use to send your Microsoft Dynamics CRM Web Service request. These steps are:

  1. Instantiate the XMLHTTP object.
  2. Define the <soap:Body> element that describes your request.
  3. Create a properly constructed <soap:Envelope> element.
  4. Send your XMLHTTP Request and process the result.

Instantiate the XMLHTTP object.

The only item specific to this request that you need to consider when instantiating the XMLHTTP object is the name of the method being used. The WhoAmI message is used with the Execute method. This needs to be specified in the SOAPAction request header.

You can use the SERVER_URL global variable to set the name of your Microsoft Dynamics CRM Server.

var xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");"POST", SERVER_URL + "/mscrmservices/2007/crmservice.asmx", false);
xmlhttp.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xmlhttp.setRequestHeader("SOAPAction", "");

For more information on the XMLHTTP object see While Internet Explorer 7 provides native support for the XMLhttpRequest object, it also supports the ActiveXObject supported by earlier versions of Internet Explorer.

Define the <soap:Body> element that describes your request.

Because the WhoAmI message does not require any input parameters, you can copy the <soap:Body> element directly into your script without making any changes. With most other methods you will need to substitute input parameters with values from the crmForm or results returned from other Web service calls.

var soapBody = "<soap:Body>"+
"<Execute xmlns=''>"+
"<Request xsi:type='WhoAmIRequest' />"+

Create a properly constructed <soap:Envelope> element.

The <soap:Envelope> element must include a valid authentication header. The GenerateAuthenticationHeader function is available in the crmForm and other areas of the application that support Microsoft Dynamics CRM Web service calls, such as client extension controls configured using ISV.Config. The <soap:Envelope> element can be configured using the GenerateAuthenticationHeader method and the soapBody variable defined in step 2.

var soapXml = "<soap:Envelope " +
"xmlns:soap='' "+
"xmlns:xsi='' "+
soapXml += GenerateAuthenticationHeader();
soapXml += soapBody;
soapXml += "</soap:Envelope>";

For more information about the <soap:Envelope> element, see

Send your XMLHTTP Request and process the result.

Use the XMLHTTP send method to send your request. The result will be available in the XMLHTTP object. The response can be accessed


The response can be accessed using three different properties.

ResponseBody provides an array of unsigned bytes.

responseText provides a string.

responseXML provides an XML document that can be parsed to return the value:

xmlDoc=new ActiveXObject("Microsoft.XMLDOM");
var userid = xmlDoc.getElementsByTagName("UserId")[0].childNodes[0].nodeValue;

Test your code in the Microsoft Dynamics CRM application.

Add a final line of code to display the result:


Paste your code into a Microsoft Dynamics CRM form event, and test the code using the preview window.

© 2010 Microsoft Corporation. All rights reserved.