You’re offline. This is a read only version of the page.
5
Hello,
I followed the instructions to setup an OAuth2 app from the official documentation and all steps are working and I receive an access and refresh token with all these scopes (including the necessary "Financials.ReadWrite.All" scope):
Share
Report{
"token_type": "Bearer",
"scope": "ChannelMessage.Send Chat.ReadWrite ChatMessage.Send Directory.Read.All Directory.ReadWrite.All Files.ReadWrite Files.ReadWrite.All Financials.ReadWrite.All Group.ReadWrite.All Mail.ReadWrite Mail.Send Sites.FullControl.All Sites.Manage.All Sites.ReadWrite.All Team.ReadBasic.All TeamSettings.Read.All TeamSettings.ReadWrite.All User.Read.All User.ReadWrite.All profile openid email",
"expires_in": 3997,
"ext_expires_in": 3997,
"access_token": "ey...",
"refresh_token": "0.A..."
}
However, when trying to do a GET request to Dynamics 365 like: graph.microsoft.com/.../companies
I receive the following error with status code 401:
{
"error": {
"code": "Unknown",
"message": "The provided token is unsupported, because it does not contain the necessary claims or signature.",
"innerError": {
"date": "2022-07-11T15:31:36",
"request-id": "4...",
"client-request-id": "4.."
}
}
}
Making a GET request (with the same access token) to graph.microsoft.com/.../me works as expected (the API returns my user data).
I have a Dynamics 365 Trial account and accessing the same account via API worked a couple of months ago with the same user and OAuth2 app without any issues.
Having already double checked all the OAuth app settings, Dynamics 365 User access, and OAuth2 flows, I don't see any other option than to completely delete and recreate the Dynamics account.
Are there any other options or could it be that trial accounts can't access the API anymore or need to be setup to use the API (like it's the case for Business Central On-Premises)?
Thanks in advance!
Hello,
We're aware of the issue. Recommendation is to use Business Central APIs directly instead of going through Microsoft Graph. There are many benefits of going directly to BC apis:
1) No extra middle layer (graph throttling). Integration will go directly to BC.
2) Graph API (/financials) does not support custom APIs
3) Graph API (/financials) does not support Business Central Environments (it can only connect to the environment named Production)
4) Graph API (/financials) maps to a subset of v1.0 APIs in Business Central. BC currently also exposes more apis in v2.0, which also performs better.
5) Service 2 service is not supported from MS Graph to Business Central. If you need to use S2S, you need to connect directly to BC. Only delegate flows are supported from Graph to BC.
Suggestion is to use v2.0 APIs in Business Central.
Hope it helps.
#1
Sohail Ahmed
2,655
#2
Mansi Soni
1,574
#3
YUN ZHU
1,453
Super User 2025 Season 1
All responses (
Answers (
