SBX - Search With Button

SBX - Forum Post Title

Has anybody used any of the Dynamics 365 integration endpoints listed here: https://docs.microsoft.com/en-us/dynamics-nav/endpoints-apis-for-dynamics

Dynamics 365 Business Central Forum

Mohamed Khalife asked a question on 23 Jan 2018 12:09 PM

Question Status

Verified

Has anybody used any of the Dynamics 365 integration endpoints listed here: docs.microsoft.com/.../endpoints-apis-for-dynamics

It appears the only one that works is the one that's not rated for production use. Has anybody else used any of these to successfully integrate an external app with Dynamics 365? I'm looking for some guidance on how to proceed with integration. What is the best method to integrate an external app with Dynamics 365?

Reply
Peter Borring responded on 25 Jan 2018 5:06 AM
My Badges
Suggested Answer

Currently we support both the common endpoint with AAD and going directly to the tenant with basic authentication as outlined in the link. Microsoft Graph is not yet supported.

Can you provide more information about the specifics not working?

Thanks,

/Peter 

Reply
Mohamed Khalife responded on 25 Jan 2018 9:07 AM

Hi Peter, thanks for the reply. I should have clarified that we are intending to integrate with Business Edition.

We have gotten the direct tenant endpoint to work but are worried that we should not be using this given its usage is "Rapid development and testing only". What should we be using when we're done with development and testing? Will the resource identifiers be the same if we switch endpoints?

I've tried to authenticate using OAuth to the common endpoint service but i'm not sure how to make it work. When I register my app in AAD there isn't an API option for this API, only the Dynamics AX API's.

Reply
Jimmy Briggs responded on 25 Jan 2018 12:55 PM
My Badges

I am in the same boat. I have tried been trying to just hit api.financials.dynamics.com/.../companies with no luck at all.

I have used every configuration I can think of...

  • bearer token,
  • basic authentication oauth,
  • registered an app in azure,
  • registered a native app in azure,
  • used the web access key as a password

Every response I receive is 401 {"message":"Unauthorized"}

The product we are using is online, not on-premise.

Would love some sample code of a request to api.financials.dynamics.com/.../beta

Reply
Peter Borring responded on 26 Jan 2018 10:17 AM
My Badges
Verified Answer

The API is the same regardless if using the api.financials.dynamic.com endpoint, or going directly to the tenant.

The difference is the authentication being used, where the common endpoint allows automatically delegation to the provided AAD users tenant, and thus also avoid having to specify any tenant specific endpoint url.

How old is your AAD tenant? I believe that the names for other AppIds gets locked at the time of AAD tenant creation, so we might appear as, e.g., Project Madeira, which was the preview name of the service.

A shortcut is to copy our AppId directly into the AAD manifests reqiuredResourceAccess list

 "requiredResourceAccess": [

   {

     "resourceAppId": "996def3d-b36c-4153-8607-a6fd3c01b89f",

     "resourceAccess": [

       {

         "id": "bce0976a-cb0b-473b-8800-84eda9f8e447",

         "type": "Scope"

       }

     ]

   }

 ]

Reply
Mohamed Khalife responded on 26 Jan 2018 11:42 AM

Thank you! The project madiera tip was what I needed. I had to specifically search for "Project" for it to show up. In any case, it's working now. I really appreciate the assistance. 

I put together some brief instructions in case anyone else needs them:

  1. Login to the Azure Portal >> Azure Active Directory >> App Registrations

  2. Click “New application registration” and enter the following information
    1. Name: pick any name
    2. Application type: Web app / API
    3. Sign-on URL: this can be anything. I chose http://localhost

  3. Click on the app you just created and then select Settings >> Required Permissions
  4. Click Add >> Select an API >> and look for the Dynamics 365 option. If it doesn’t show up, manually search for “Project” and Project Madeira will show up. This is apparently required for older AAD tenants.

  5. Select Project Madiera and then select the available “delegated permission”

  6. Click “Done” and the permissions will be added
  7. Under Settings, navigate to Keys and create a new Key that doesn’t expire. Copy this value as you will not see it again.
  8. You should now have your Application ID and your secret (the Key from the last step). These will be used for authentication from your application (or Postman).
  9. The parameters you’ll need to authenticate via OAuth 2.0 are as follows:
    1. Grant Type: Authorization Code
    2. Callback URL: the URL you chose in step 2c
    3. Auth URL: https://login.windows.net/{yourtenant}.onmicrosoft.com/oauth2/authorize?resource=api.financials.dynamics.com
    4. Access Token URL: https://login.windows.net/{yourtenant}.onmicrosoft.com/oauth2/token?resource=api.financials.dynamics.com
    5. Client ID: your Application ID from step 8
    6. Client Secret:your Key from step 8

  10. Now you should be ready to request a token, which should bring up a login prompt and require you to grant permissions to the AAD app

  11. Now you can make a successful request using the provided token to https://api.financials.dynamics.com/v1.0/api/beta/
Reply
Mohammed Nazeem responded on 1 Mar 2018 7:28 AM

Hi  I did the steps as mkhalife Posts, i got these results from postman " {Tenant }.onmicrosoft.com not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator."

Reply
Timussch responded on 8 May 2018 1:48 PM
My Badges

It looks like this issue is stull present on May 8th when installing Business Central in a demo tenant created by demo.microsoft.com

Reply
Henrik Westergaard Hansen responded on 17 May 2018 7:37 AM

Great guide. Remeber that the url in the resource needs to contain the protocol (https). This blog engines rewrites the URL. Also, another resource should be used going forward:

?resource=https://api.businesscentral.dynamics.com

Reply
Peter Borring responded on 26 Jan 2018 10:17 AM
My Badges
Verified Answer

The API is the same regardless if using the api.financials.dynamic.com endpoint, or going directly to the tenant.

The difference is the authentication being used, where the common endpoint allows automatically delegation to the provided AAD users tenant, and thus also avoid having to specify any tenant specific endpoint url.

How old is your AAD tenant? I believe that the names for other AppIds gets locked at the time of AAD tenant creation, so we might appear as, e.g., Project Madeira, which was the preview name of the service.

A shortcut is to copy our AppId directly into the AAD manifests reqiuredResourceAccess list

 "requiredResourceAccess": [

   {

     "resourceAppId": "996def3d-b36c-4153-8607-a6fd3c01b89f",

     "resourceAccess": [

       {

         "id": "bce0976a-cb0b-473b-8800-84eda9f8e447",

         "type": "Scope"

       }

     ]

   }

 ]

Reply
Peter Borring responded on 25 Jan 2018 5:06 AM
My Badges
Suggested Answer

Currently we support both the common endpoint with AAD and going directly to the tenant with basic authentication as outlined in the link. Microsoft Graph is not yet supported.

Can you provide more information about the specifics not working?

Thanks,

/Peter 

Reply

SBX - Two Col Forum

SBX - Migrated JS