Business Central OAuth 2.0 Get Token from AL Codeunit – massive apps update

Business Central OAuth2.0 Authentication – Access granted by Token

OAuth2 authentication method, this type of connection can be used to connect to Business Central Admin APIs; the system to access the exposed APIs services uses a token issued by the access procedure, it is possible to use different ways to get the token released.

Risultato immagine per Oauth2

How to retrieve tokens…

In recent development courses (about 50 people) we showed how to get the tokens from Powershell, C#, PHP, OpenID and other systems. Microsoft is working on these things (hot topic) providing ready-made examples of various kinds, now also on the service to service access (from 18.3)

In our case, however, I want to illustrate how it is possible to use Microsoft AL directly and through an AL Codeunit to retrieve and manage the token to update the APP from the Marketplace.

The example APP uses the HUB \ Environments management to store the access credentials and obtain the tokens needed to call the APIs (it’s just an example … beware of security!, use in Sandboxes!)

My Old Post



General link for access to the ADMIN APIs: This link does not indicate the general root that it is

ADMIN APIs – used in our example

  • availableUpdates Retrieve all available updates available
  • Update Launch Apps Update

List of updates available for APPs with “GET<ENV>/apps/availableUpdates

Launch of APP updates with “POST”<ENV>/apps/{appId}/update

Since the second call is a POST I have to pass parameters in the body of the call which are the following:


useEnvironmentUpdateWindow“: false/true, // If set to true, the operation will be executed only in the environment update window. It will appear as “scheduled” before it runs in the window.

targetVersion“: “”, // Always required. There’s no option to update to the latest. You have to first do a “availableAppUpdates”, call then use the version here.

allowPreviewVersion“: false/true,

installOrUpdateNeededDependencies“: false/true, // Value indicating whether any other app dependencies should be installed or updated; otherwise, information about missing app dependencies will be returned as error details


OAuth 2.0 Gettoken in AL Codeunit – EXAMPLE


Update all updatable apps in one step

SCENARIO “AS IS” – many Apps to Update


Put Credentials (and use)

Create a table to store the access credentials: “XXXXX SANDBOX” is the key of the instance to be updated; the token will be generated to log in with OAuth2.

Launch “UpdateApps”

How the procedure “update apps” works:

  • Generate the TOKEN
  • Download the list of apps where an update exists
  • Get appID and version from the list above with call GET
  • Sequentially launch all the updates with a POST type CALL where in the body of the call there are some parameters including the new version and if it should install the dependencies and other things.

Example of Configuration:


Sandbox Environment

Some screen

TEST “Up to date” status for ALL APPS in Admin Console

Once this is done go to the Admin Console panel and check if the updates have started, you can see that they have actually been launched (ALL is “Up to Date”)


Function OAuth2.AcquireTokenWithUserCredentials

OAuth2.AcquireTokensWithUserCredentials(MicrosoftOAuth2Url, Client_Id, Scopes, UserEmail, pwd, AccessToken, idToken);

In the codeunit below you will find how to generate and use the Token, then find under the APP published on GitHub.

Certainly nothing more \ or better than Microsoft is already doing these days, but it could be useful to use it.

After acquiring the token, we proceed to update the APPs declared by the list as “updatable” through a loop

UpdateApp(AppID) function

Ready to use APP is on GITHUB



$token = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions]::AcquireTokenAsync($ctx, “”, <Application ID>, $cred).GetAwaiter().GetResult().AccessToken

My Old Post


Microsoft BCTech –AdminCenterAPI

BCTech/samples/AdminCenterApi at switchToAdminCenterSDK · microsoft/BCTech · GitHub

Microsoft standard Samples