After the installation and setup of Live Assist for Dynamics 365, users might encounter an error that states “login.microsoftonline.com refused to connect” upon loading the Agent widget as shown below.
There are a couple of ways to resolve this issue:
- Setting up the Multi-Factor Authentication (MFA) using an authenticator app (recommended)
- Alternatively, if the environment is just a trial, the Multi-Factor Authentication setting may be disabled for the whole organization (not recommended for Production Accounts)
Setting up the Multi-Factor Authentication (MFA) using an Authenticator App
1. Sign in to your Microsoft Dynamics 365 instance where Live Assist is installed. Input your e-mail then choose Next.
2. Then input your password and click Sign in.
3. Hit the Next button to start setting up the MFA via the authentication app.
4. Install the Microsoft Authenticator app on your device. Once installed, click the Next button.
Note: Aside from the Microsoft Authenticator, you may also configure the authentication process using different authenticator apps (e.g. Google Authenticator, LastPass Authenticator, etc.) or set up using a different method (e.g. phone).
5. On the device, allow notifications if prompted. Then add a Work or school account to your authentication app.
6. Input your Microsoft Dynamics 365 e-mail then hit Next.
7. Then input your password.
8. Back on the MFA setup page, once the work or school account has been added to the authenticator app, choose Next.
9. Use the Microsoft Authenticator app to scan the QR code. This will connect the Microsoft Authenticator app to your account. After you scan the QR code, hit the Next button.
10. On the device, your account will be connected to the app after scanning the QR code. A similar interface below will be displayed on the authenticator app.
11. A notification will be sent to the app for testing.
12. On the mobile device, allow the sign-in by hitting the Approve button on the notification that was sent to the Microsoft Authenticator app.
13. After the sign-in notification has been approved, click Next.
14. Choose Done to complete the setup of Multi-Factor Authentication (MFA) for Dynamics 365.
15. Use the Microsoft Authenticator app every time you sign in to your Dynamics 365 instance to approve/deny your sign-in request.
16. If the sign-in request has been approved, the Live Assist Agent widget will load properly as presented below.
Disabling the Multi-Factor Authentication Setting for the Whole Organization via Azure
For Dynamics 365 instances that are on trial, the Multi-Factor Authentication setting may be disabled for the whole organization.
Note: This process is not recommended for Production Accounts.
1. Go to Azure Portal and sign in with the admin account for your organization.
2. On the Azure Portal dashboard, click on the hamburger icon to expand the menu and select Azure Active Directory.
3. Select Properties on the left panel.
4. Click Manage security defaults. On the dropdown menu, select Disabled (not recommended) to turn off the MFA. State your reason for disabling the security defaults and then hit the Save button.
5. Once the MFA has been turned off, the Live Assist Agent widget will load properly on your next log-in.