Hi there,
I am trying to connect to the admin API from our business central SaaS service.
normal access to all other webservices works splendidly well.
I am following this guide right here:
https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/administration-center-api
I already have the App registered in Azure and it has all the rights it needs (at least it seems like it has)
yet, when I try to connect via postman, I get the error: 401 Unauthorized
this is the link I am trying to call.
api.businesscentral.dynamics.com/.../environments
which looks to me like the one mentioned here
https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/administration-center-api_environments
so what am I doing wrong and how do I fix this ?
thanks in advance
Did you found the solution yet? Have the same issue ... thanks!
Hello,
For OnPrem I suggested to use:
community.dynamics.com/.../business-central-on-premise-oauth2-authentication_invalidcredentials
For SaaS, these settings may differ, here they are again, note that I am using a collection and environment variables.
1. Add New collection:
Type: OAUTH 2.0
Add auth data to: Request Headers
Access Tokens: Available Tokens
Header Prefix: Bearer
Token Name: S2S OAUTH2
Grant Type: Authorization Code
Callback Url: https : // api.businesscentral.dynamics.com/v2.0/Production/api/v2.0
Authorize URL: https : // login.microsoftonline.com/{{TENANTAADID}}/oauth2/v2.0/authorize
Access Token URL: https : // login.microsoftonline.com/{{TENANTAADID}}/oauth2/v2.0/token
Client ID: {{CLIENTID}}
Client Secret: {{CLIENTSECRET}}
Scope: {{SCOPE}} //NOTE THAT {SCOPE}} is a variable defined in postman: https : // api.businesscentral.dynamics.com/.default) (without the additional spaces to prevent reformatting of the url)
Client Authentication: Send client credentials in body
NOTE: add environmental values in Postman and add actual values for SCOPE, ClientID, etc.
You can clear cookies and then get new access token. The client ID must be added as an applicatdion to Azure AD in BC and consent must be granted first.
After that, add a new tab with GET and then the url for the admin center (and point it to the collection, use inherit from parent for authentication and save the tab first for changes to take effect).
Note that I also added some additional reply urls in the app registration for the api.businesscentral.dynamics.com, etc.
Hope it helps.
could you please show me your "exact" settings in postman and in app registration for this ?
I seems to me I am wrong with my app settings in regards to URI, URL etc.
also, my app delegation permissions look different than some suggestions here (eg. I do not see the smartlist permission at all)
its also strange to see somene using V.2.3 when the official doc mentions v2.13
I really appreciate your help.
Hello,
In Postman I am not using Bearer Token but OAUTH 2.0. This works fine.
Hope it helps.
Thank you for the links.
I used your reference in postman yet I still have no success:
I still get 401- not authorized.
I can obtain the Oauth Token and these are the rights / roles of it:
and set permissions in ther azureAD app registration
I am still exactly where started. get the token, cannot connect to the admin-API
Hi, hope the following helps.
Install AppSource Apps via Admin Center API
Manage environments via Admin Center API
Thanks.
ZHU
seriously ? hm. thats strange.
I use this:
whith the bearer token being th oauth token I get from my "get token" api call, which is this:
the APP permissions I posted in the original post.
so if you can point out my mistake I would really appreciate it.
thanks in advance.
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
André Arnaud de Cal... 291,151 Super User 2024 Season 2
Martin Dráb 229,963 Most Valuable Professional
nmaenpaa 101,156