If you ever dealt with Dynamics CRM authentication at “close range”, you know that CRM supports OAuth. Presumably, with CRM 2016 and ADFS 3.0 (Windows Server 2012 R2), we should be able to use OAuth for CRM On-premises, right? Especially now that ADFS supports JSON Web Tokens, so we should be able just enable JWT and move on. As it turns out, enabling JWT on ADFS completely breaks Dynamics CRM for Outlook that can no longer authenticate.
Not enabling JWT is not an option either because according to that article
JWTs are the only supported token type for OAuth requests.
So unless you are not using CRM for Outlook, OAuth implementation for CRM On-premises would have to wait. There are other obstacles in ADFS 3.0 as well, and looks like we’ll have to wait for Windows Server 2016 but that’s for another tip.