Introduction:
After upgrading Business Central to version 17 (Wave2 2020), I found that there was an error telling me that WebService Key is going to be deprecated soon. |
| Web Service Access Key is deprecated. |
Hence, I decided to explore and probably make it easier through this blog.
Pre-requisites:
- Admin Access to Office 365
- Admin Access to Azure
Demonstration:
1. App Registration on Azure Portal:To enable OAuth authentication for any apps in Azure Active Directory, you will need to perform App Registration and set up the permissions and security details.
i.) Register the App: Search for 'App Registration' on the Azure Portal.
 |
| Click on New Registration |
Type in the App Names, Account Types and Redirect URI.
 |
| Registering Application |
ii.) Setup API Permissions:
Go to API Permissions > Add Permissions > Business Central App > Select Delegated Permissions > Select Other Permissions and Financials > Add Permissions Button.
Go to API Permissions > Add Permissions > Business Central App > Select Delegated Permissions > Select Other Permissions and Financials > Add Permissions Button.
 |
| Setup API Permissions |
iii.) Setup Client Secret:
Goto Client Secret > Give a Key Name, Description, and Create New Client Secret.
This Client Secret is the Password for OAuth.
 |
| Creation of Client Secret |
Unless you create the Client Secret, the Client Secret is not generated.
 |
| Client Secret is generated |
The value here is the Client Password
Now, we are all set for OAuth Authentication.
2. Get Token in Postman:
Prior to getting token in Postman, we need to make sure the parameters are ready.
Prior to getting token in Postman, we need to make sure the parameters are ready.
Token-Name: Give the appropriate Token Name
Grant Type: Authorization Code
Callback URL: https://businesscentral.dynamics.com/
Auth URL: https://login.windows.net/<TENANT-ID>/oauth2/authorize?resource=https://api.businesscentral.dynamics.com
Access Token URL: https://login.windows.net/<TENANT-ID>/oauth2/token?resource=https://api.businesscentral.dynamics.com
Client ID: Client ID on the App Registration
Client Secret: Client Secret Value generated recently.
This will generate the Access Token in Postman.
Using this token, now you will be able to get access to Business Central WebService or APIs.
Conclusion:
I wrote this blog because there are a lot of tricky things to follow and get this correct at the first attempt.
The advantage of using such a type of authentication is that irrespective of the user changing credentials.
I hope this helps. 👍
Interesting. This is almost what I did when first trying to talk to BC from my dev machine and push up enough ref tables to ultimately push up a sales order. I succeeded after a month or so. I still don't really 'understand' how it works. Really there is no app involved - just some C# running in a console app on my machine.
ReplyDeleteThat was painful - I could only get the token through Postman and it would expire every day or so.
Perhaps your article could address getting the token programmatically and call some API V2 endpoints.
Great article, been able to get the Access Token in Postman.
ReplyDeleteBut when trying to send actual request I get 401. The user I used is SUPER user in BC Online.
Unauthorized
The credentials provided are incorrect
Any ideas?
Thanks
EV
i am also having the same problem kindly help.
DeleteSolved, neede to change "Add authorization data to" = Request Headers in Postman.
ReplyDeleteEV
i am also having the same problem kindly help. i got the token but not able to use that
DeleteThanks Olister,
ReplyDeleteDoes this process apply for serviice to service communication?
we're working on a integration and a BC api will be called from outside,
we're not sure if this is possible without user inserting credentials.
Hi All,
ReplyDeleteIf you are facing issues with this blog, please refer https://olisterr.blogspot.com/2022/05/update-to-oauth-in-dynamics-business.html.
This blog contains updated content for OAuth.
Thanks.
Best Regards,
Olister