Roberto Stefanetti BLOG

Roberto Stefanetti BLOG

MVP & MCT Microsoft Dynamics 365 Business Central, Powershell, Azure, SQL Server

#DYN365BC #DYNDEV365 #msdynnav 365 Business Central AL AL code samples DYN365BC 

Business Central OAuth 2.0 Get Token from AL Codeunit – massive apps update

rs , , , , ,

Business Central OAuth2.0 Authentication – Access granted by Token

OAuth2 authentication method, this type of connection can be used to connect to Business Central Admin APIs; the system to access the exposed APIs services uses a token issued by the access procedure, it is possible to use different ways to get the token released.

Risultato immagine per Oauth2

How to retrieve tokens…

In recent development courses (about 50 people) we showed how to get the tokens from Powershell, C#, PHP, OpenID and other systems. Microsoft is working on these things (hot topic) providing ready-made examples of various kinds, now also on the service to service access (from 18.3)

In our case, however, I want to illustrate how it is possible to use Microsoft AL directly and through an AL Codeunit to retrieve and manage the token to update the APP from the Marketplace.

The example APP uses the HUB \ Environments management to store the access credentials and obtain the tokens needed to call the APIs (it’s just an example … beware of security!, use in Sandboxes!)

My Old Post

https://robertostefanettinavblog.com/2021/02/23/business-central-oauth2-authentication/

MICROSOFT DOCS

https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/webservices/authenticate-web-services-using-oauth

ADMIN APIs

General link for access to the ADMIN APIs: This link does not indicate the general root that it is https://api.businesscentral.dynamics.com/

ADMIN APIs – used in our example

  • availableUpdates Retrieve all available updates available
  • Update Launch Apps Update

List of updates available for APPs with “GET

https://api.businesscentral.dynamics.com/admin/v2.7/applications/businesscentral/environments/<ENV>/apps/availableUpdates

Launch of APP updates with “POST”

https://api.businesscentral.dynamics.com/admin/v2.7/applications/businesscentral/environments/<ENV>/apps/{appId}/update

Since the second call is a POST I have to pass parameters in the body of the call which are the following:

{

useEnvironmentUpdateWindow“: false/true, // If set to true, the operation will be executed only in the environment update window. It will appear as “scheduled” before it runs in the window.

targetVersion“: “1.2.3.4”, // Always required. There’s no option to update to the latest. You have to first do a “availableAppUpdates”, call then use the version here.

allowPreviewVersion“: false/true,

installOrUpdateNeededDependencies“: false/true, // Value indicating whether any other app dependencies should be installed or updated; otherwise, information about missing app dependencies will be returned as error details

}

OAuth 2.0 Gettoken in AL Codeunit – EXAMPLE

DEMO CASE

Update all updatable apps in one step

SCENARIO “AS IS” – many Apps to Update

STEPS

Put Credentials (and use)

Create a table to store the access credentials: “XXXXX SANDBOX” is the key of the instance to be updated; the token will be generated to log in with OAuth2.

Launch “UpdateApps”

How the procedure “update apps” works:

  • Generate the TOKEN
  • Download the list of apps where an update exists
  • Get appID and version from the list above with call GET
  • Sequentially launch all the updates with a POST type CALL where in the body of the call there are some parameters including the new version and if it should install the dependencies and other things.

Example of Configuration:

Environments

Sandbox Environment

Some screen

TEST “Up to date” status for ALL APPS in Admin Console

Once this is done go to the Admin Console panel and check if the updates have started, you can see that they have actually been launched (ALL is “Up to Date”)

GET TOKEN FROM AL CODEUNIT

Function OAuth2.AcquireTokenWithUserCredentials

OAuth2.AcquireTokensWithUserCredentials(MicrosoftOAuth2Url, Client_Id, Scopes, UserEmail, pwd, AccessToken, idToken);

In the codeunit below you will find how to generate and use the Token, then find under the APP published on GitHub.

Certainly nothing more \ or better than Microsoft is already doing these days, but it could be useful to use it.

After acquiring the token, we proceed to update the APPs declared by the list as “updatable” through a loop

UpdateApp(AppID) function

Ready to use APP is on GITHUB

https://github.com/rstefanetti/AL-Code-Samples-Education/tree/AL-APPUpdater-AL-Gettoken

GET TOKEN BY POWERSHELL

$GetToken

$token = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions]::AcquireTokenAsync($ctx, “https://api.businesscentral.dynamics.com”, <Application ID>, $cred).GetAwaiter().GetResult().AccessToken

My Old Post

https://robertostefanettinavblog.com/2021/05/08/update-apps-installed-from-appsource-in-business-central-online-with-powershell/

MICROSOFT EXAMPLES\DOCS

Microsoft BCTech –AdminCenterAPI

BCTech/samples/AdminCenterApi at switchToAdminCenterSDK · microsoft/BCTech · GitHub

Microsoft standard Samples

https://github.com/microsoft/BCTech/blob/master/samples/OAuth2Flows/TestOAuth2Flows.Page.al

BUSINESS CENTRAL ADMIN CENTER

https://www.nuget.org/packages/Microsoft.Dynamics.BusinessCentral.AdminCenter