Business Central oAuth2 Authentication
Steps to activate the OAuth2 authentication method, this type of connection can be used to connect to Business Central WebServices-APIs; it will soon be the only method available as access with WebService key is deprecated.
The system to access the exposed services uses a token issued by the access procedure (see details at the links below), it is possible to use different ways to get the token released.
Docs
“WebService Access Key is being deprecated” warning
Warning: Deprecated Features W1 – About
How to get a token by client secret password – STEPS
App registration in the Azure portal
To enable OAuth2 authentication for apps in Azure Active Directory (AAD), you need to register an app, configure it, assign it permissions.
To register an app: Search for “App registration” in the Azure portal
Assign permissions to a registered app
Select “API Permissions”, select “Business Central”, select “Delegated Permissions”, and add permissions.
Certificates & Secrets
Create a client secret (ID and Name), this client secret will be the password for OAuth2
Check Active Endpoints
The system releases several endpoints that we can use to log in with OAuth2
- Auth Endpoint
- Endpoint Token
- Redirect page link
How to get an access token
The system calls the Oauth2 interface to connect and release the token to access the services (in this case via the classic Microsoft login screen); you can use different ways to get the token released.
ACCESS BY POSTMAN
Assign the endpoints exposed in Azure, connect to receive the token, the token can be saved
If everything works, the system launches the Microsoft login page, after which a token is issued
Select an account
How to get a token from Business Central inside
Interesting article (which I point out) on how to get \ test a token directly from Business Central
Project “BC-OAuth-2.0-Authorization”
“Generic OAuth2 Library for Business Central is to acquire Access Token from Azure AD, Google, Facebook etc. OAuth is most commonly used authorization method across all platforms. Acquiring Access Token is a little difficult in Business Central, though there is a Codeunit called OAuth2 available in the system”
Source https://www.msnjournals.com/post/generic-oauth2-library-for-business-central
Code forked here https://github.com/rstefanetti/BC-OAuth-2.0-Authorization
Roberto,
I have relied on your blogs for a longtime. Thank you.
I have performed all of the steps above and successfully get a token using Postman. However, when I try to call my web service, I get a message ‘Unauthorized The Credentials provided are incorrect’. Any ideas on what could be causing this?
Have you solved the issue?
Hi this all for BC online or On-Premise ?
Hi, bc online