I am working on building custom applications that interface with MSCRM using the OrganizationService using on-premise AD auth. In the future we might switch to using ADFS with STS on premise and I would like to ensure that I do not need to change the upstream code significantly to handle this. The CRM best practices guide mentions that the SDK has a ManagedTokenOrganizationServiceProxyclass that derives from OrganizationServiceProxy which handles token management/refresh. Can this be used in lieu of the OrganizationServiceProxy class even if there is no ADFS/STS? Will the behavior downgrade to that of the OrganizationServiceProxy in absence of an STS and when the ADFS/STS is implemented would the behavior upgrade to token based authentication?
I have a facade in place so that the upstream code does not consume these concrete classes directly and uses IOrganizationService instead. I would like to understand the behavioral differences between the two, especially how the Auto Refresh token functionality works with and without an ADFS/STS behind the scenes and can I simply use the ManagedTokenOrganizationServiceProxy currently without ADFS/STS in place without any gotchas?
-Abhijeet