Skip to main content
Post a question

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id : wtxm7uDGdYZGzk4vPSVgmu
Dynamics 365 Community / Forums / Finance | Project Operations, Human Resources, ... / Unauthorized error/401...
Finance | Project Operations, Human Resources, ...
Suggested answer

Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

Like (0) ShareShare
ReportReport
Posted on 9 Nov 2020 13:11:41 by N.Mahadani 5

Hi Community members,

I used the below code block in C# to create a bearer token:

 ClientCredential clientCredential = new ClientCredential(AADClientID, AADClientSecretKey);
AuthenticationContext authContext = new AuthenticationContext(AADTenant);
AuthenticationResult result = authContext.AcquireTokenAsync(D365Url, clientCredential).Result;
string authHeader = result.CreateAuthorizationHeader();
Console.WriteLine(authHeader);
Console.ReadLine();

This code was used earlier to create authentication tokens and then this token was used to call odata services like data/GetTermsList using Postman.
Earlier I used to get data but now I am getting status code 401 unauthorized.
I have created the Dynamics 365 Finance VM from Lifecycle Services.
Then I have also created Azure Active Directory Application under Setup on the System Admin module of the Dynamics 365 Finance portal.
Can anyone share if anything has changed in between last 2-3 months?
  • Suggested answer
    N.Mahadani Profile Picture
    N.Mahadani 5 on 10 Nov 2020 at 13:00:52
    RE: Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

    Yes. Actually the resource call requires the structure to be

    <Dynamics_VM_aos.dynamics.com>/data/GetPaymentTerms. So a slash after dynamics.com is obvious and inevitable over here.

    The token call was using a url with trailing slash and that was going wrong. Instead now we used the token call without the trailing slash( like <Dynamics_VM_aos.dynamics.com>) and it worked like a charm.  

  • nmaenpaa Profile Picture
    nmaenpaa 101,156 on 10 Nov 2020 at 07:05:31
    RE: Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

    Ah, that's the good old trailing dash

    Nice that you found it. But this also means that you were making two different request in these two D365 systems, right? One request with a trailing dash and another one without.

  • N.Mahadani Profile Picture
    N.Mahadani 5 on 10 Nov 2020 at 06:39:21
    RE: Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

    We found out the real issue. The issue was occurring due to a trailing slash '/' in the D365Url variable. This created a bearer token, but the token when used for a resource call, it returned 401. When we removed the trailing '/', it worked well.

  • Suggested answer
    nmaenpaa Profile Picture
    nmaenpaa 101,156 on 09 Nov 2020 at 13:31:44
    RE: Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

    Ok, so most likely something on your side is set differently than before.

    The authentication flow hasn't changed recently.

    Did you remember to create an AAD app registration in your new AAD tenant? And add the D365FO URL in the redirect URL list for that AAD app registration?

  • N.Mahadani Profile Picture
    N.Mahadani 5 on 09 Nov 2020 at 13:26:16
    RE: Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

    Yes. Our old environment's subscription got expired 3 months back. So we created a new set of subscription, AAD tenant, Dynamics 365 Finance VM. We deployed our AX model project in this VM. We are able to see the data when we hit the browser(with /data/GetTermsList etc.). When we are using ClientCredential grant flow, we are getting a token using which the odata calls are not getting through(401).

  • nmaenpaa Profile Picture
    nmaenpaa 101,156 on 09 Nov 2020 at 13:18:16
    RE: Unauthorized error/401 on calling Odata service using Bearer token(Client Credentials)

    Has something changed on your end in the last 2-3 months? For example have you deployed a new system and it's not working in this new system?

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Daivat Vartak – Community Spotlight

We are honored to recognize Daivat Vartak as our March 2025 Community…

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Kudos to the February Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,516 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 231,436 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

End-of-life Announcement for Microsoft Dynamics GP

Product updates

Dynamics 365 release plans