Business Central oAuth2 Authentication

Business Central oAuth2 Authentication

Steps to activate the OAuth2 authentication method, this type of connection can be used to connect to Business Central WebServices-APIs; it will soon be the only method available as access with WebService key is deprecated.

The system to access the exposed services uses a token issued by the access procedure (see details at the links below), it is possible to use different ways to get the token released.

Docs

https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/webservices/authenticate-web-services-using-oauth

https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/webservices/authenticate-web-services-using-oauth

 

“WebService Access Key is being deprecated” warning

Warning: Deprecated Features W1 – About

Docs https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/upgrade/deprecated-features-w1

 

How to get a token by client secret password – STEPS

App registration in the Azure portal

To enable OAuth2 authentication for apps in Azure Active Directory (AAD), you need to register an app, configure it, assign it permissions.

To register an app: Search for “App registration” in the Azure portal

 

Assign permissions to a registered app

Select “API Permissions”, select “Business Central”, select “Delegated Permissions”, and add permissions.

 

Certificates & Secrets

Create a client secret (ID and Name), this client secret will be the password for OAuth2

 

Check Active Endpoints

The system releases several endpoints that we can use to log in with OAuth2

• Auth Endpoint
• Endpoint Token
• Redirect page link

 

How to get an access token

The system calls the Oauth2 interface to connect and release the token to access the services (in this case via the classic Microsoft login screen); you can use different ways to get the token released.

ACCESS BY POSTMAN

Assign the endpoints exposed in Azure, connect to receive the token, the token can be saved

If everything works, the system launches the Microsoft login page, after which a token is issued

Select an account

 

How to get a token from Business Central inside

Interesting article (which I point out) on how to get \ test a token directly from Business Central

Project “BC-OAuth-2.0-Authorization”

“Generic OAuth2 Library for Business Central is to acquire Access Token from Azure AD, Google, Facebook etc. OAuth is most commonly used authorization method across all platforms. Acquiring Access Token is a little difficult in Business Central, though there is a Codeunit called OAuth2 available in the system”

Source https://www.msnjournals.com/post/generic-oauth2-library-for-business-central

Code forked here https://github.com/rstefanetti/BC-OAuth-2.0-Authorization