My project holds a generated class for Dynamics 365 Business Central used for API calls on Business Central.

It is created with Dynamics 365 Business Central XML metadata file using the Visual Studio OData Connection Service wizard.

In Portal Azure there is a app registration that has the credentials, redirect uri defined. The permissions for Dynamics 365 Business Central are all checked, the implicit flow is enabled.

I use the build method on IConfidentialClientApplication interface where I pass the Client Id, Client Credentials and Tenant Id from the app registration.

From the built object I request an AuthenticationResult with AcquireTokenOnBehalfOf method. as for the scope I use "https://api.businesscentral.dynamics.com/user_impersonation".

I use the access token from AuthenticationResult in all my API Calls to Business Central.

The access token in jwt.io website shows the correct user and audience "https://api.businesscentral.dynamics.com", but when I make the API Call with my project method I get the Unauthorized response with the error message: "The credentials provided are incorrect". There is also this error message: "Microsoft.OData.Client.DataServiceQueryException: An error occurred while processing this request."

When I use the same access token in Postman call where i make a direct url call to Business Central the status is 200 and the response is also correct.

The generated class uses a context with Linq to make a query on Business Central.

I cannot change the generated class so something must be wrong with the access token in the API calls.

Can somebody give me advice how to modify my access token to enable it work my generated class ?