Microsoft Dynamics CRM supports claims based authentication using the WS-Federation (Passive) protocol. Typically, claims are configured with ADFS as the Service Provider to handle authentication requests with the claims provider. Optionally, CRM can use a custom Security Token Service (STS) in order to enable federated authentication. The WSO2 Identity Server provides a secure token service by default. In order to support using the Identity Server with CRM, a custom metadata file needs to be generated and it should be accessible to the CRM claims configuration wizard, which will give CRM the STS passive endpoint and private key for signing of claims. Microsoft Dynamics CRM can be setup with internal claims based authentication, or further secured for external claims based authentication as an Internet Facing Deployment (IFD).
Internet Facing Deployment (IFD) means that the functionality of the application is externally exposed and is outside of your local network. This is used by enterprises to set up their deployment to allow their employees to access the application away from work. Using an Internet Facing Deployment changes the URL structure CRM uses to load organizations, and thus has an effect on the settings required in the Identity Server.
...