Required Link

https://businesscentral.dynamics.com 

https://portal.azure.com 


User ID: bizsupport@logosministriesltd.onmicrosoft.com

--------------------------------------------------------------------------------------------------------------------------------------------

Azure AD Settings 

  1. Go to App registrations, add new application if not access, can provide any friendly name 


  1. In Authentication, select Add a Platform 
  1. go to API Permissions

          Add a permission

             

             Adding both permissions 

             

          

    • BC => Delegated permission (select all)
    • BC => Application permission (select all) 
    • Grant admin consent
  • Expected Result


  1. Certificates & secrets 
    • Get the Secret Value 
    • Remark for Expires
      • We set max for development purpose, it is subject on Customer Security Policy
      • please save serect Value for later purpose, otherwise need to regenerate


Business Central Settings 

  1. Azure Active Directory Application Card (In Business Central)

*** "Azure Active Directory" is obsolete, try to search "Microsoft Entra Application" then click new. The user interface is same with the former one.

    •  Create new with Client Id = Application Id on Oauth Demo                 




Below information for development / Postman testing use:

The link structure
https://login.microsoftonline.com/<AAD TENANT ID>/wsfed?wa=wsignin1.0%26wtrealm=<APP ID URI>%26wreply=<APP REPLY URL>

Azure AD

https://learn.microsoft.com/en-us/microsoft-365/admin/misc/azure-ad-setup-guides?view=o365-worldwide



Postman Settings 
Obtain the token setup

In Authorization, type = "OAuth 2.0", Add authorization data to "Request URL".

  1. Grant Type = Authorization Code

  2. Callback URL = https://businesscentral.dynamics.com/ with uncheck "Authorize using browser"

    Prerequisite

    In Azure > App registrations > Your application
    Remember to setup Redirect URLs for obtain the token from https://businesscentral.dynamics.com/

  3. Auth URL = https://login.windows.net/$BC_TENANT_ID/oauth2/authorize?resource=https://api.businesscentral.dynamics.com               *** Replace $BC_TENANT_ID with actual one  
  4. Access Token URl = https://login.windows.net/$BC_TENANT_ID/oauth2/token?resource=https://api.businesscentral.dynamics.com
  5. Client ID = $your_applicaiton_(client)_ID (Obtain from overview)
  6. Client Secret = $value (You are advised to copy the secret value once created new client secret.)
  7. Scope & State keep them blank
  8. Client Authentication = send client credentials in body
  9. Then click "Get New Access Token", system will prompt up the BC login windows --> login to BC and proceed → Token will be generated → "Use Token"

         


         


10. Send the GET request, you can retrieve the relevant records from the web service URL => Success
         


  1. Authentication 


* Troubleshooting

Error: tunneling socket could not be established, cause=connect ECONNREFUSED 192.168.x.x:xxxx 

Postman has internal proxy server, which we need to turn off


Calling BC Web service 

  1. The request URL should be the same as before (OData) 
  2. Add the Token granted from authentication to Header
  3. URL for login token: https://login.microsoftonline.com/6284c88c-f37e-458f-a4da-5bf111ed1f9c/oauth2/v2.0/token 

 Expected Result


  • No labels