16 thoughts on “How do I: Really set up Azure Active Directory based authentication for Business Central APIs”

  1. Hi Vjeko, I think you must be a wizard to find out all that stuff. As just a programmer (or a consultant) I would never find how to solve it. I asked also to DT in MS but I didn’t get an easy answer. Now i know why. I hope to see u in Italy soon. Davide

    1. Hi Davide! Yes, this was a really tricky one, cost me endless hours of investigation, and trial and error. I’ll be in Italy soon, did you sign up for it?

  2. Hi Vjeko,

    It really helped me. Thanks a lot…!!!

    One more help if possible. I can get the request from the postman say for the customer. But when i make Patch request then response will be the 400 Bad Request. its generate following error:

    Request data is invalid.

  3. Hi Vjeko,

    Thanks for the great post. We have been using this to test out the API’s through Postman and were wondering how to configure Postman to not prompt for authentication? eg. say you have an external app/service that is connecting to the Business Central web service, which will not get prompted. How do you pass the credentials through?

    We have been trying with setting the Grant Type to Client Credentials (and adding app_access permissions on the Azure App Registration), which seems to give you the token but when you perform a web service request (get/post) it comes up with an error, advising the credentials provided are incorrect.


      1. I am sorry, I simply missed the question from David, but now I see this one. I am not sure exactly what or why isn’t working – getting a token that works with web service calls. Maybe it has to do with the exact OAuth flow that you are using. In Waldo’s and my TechDays 2019 session I have a lengthy discourse on OAuth and how it’s supported in BC, which flows you can use, and which can’t, and there are even examples on how to obtain a token. If that doesn’t help, let me know, maybe I could make a blog post about this stuff with step-by-step instructions.

    1. πŸ˜€ I bet it doesn’t. But I certainly won’t keep the screenshots on my blog up-to-date with what Azure looks this day. This is a blog (= “Web” + “Log”, i.e. a diary), not a documentation website.

    1. No, sorry, I don’t think I’ll have time to do this. I mostly blog about the stuff that’s currently on my plate, and API most certainly isn’t. Maybe some time in the future, time will tell.

Leave a Reply