Small and medium business | Business Central, N...

Administration API access - not authorized

(2) Share

Report

Posted on by LDE

Hi there,

I am trying to connect to the admin API from our business central SaaS service.

normal access to all other webservices works splendidly well.

I am following this guide right here:

https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/administration-center-api

I already have the App registered in Azure and it has all the rights it needs (at least it seems like it has)

yet, when I try to connect via postman, I get the error: 401 Unauthorized

this is the link I am trying to call.
api.businesscentral.dynamics.com/.../environments

which looks to me like the one mentioned here
https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/administration-center-api_environments

so what am I doing wrong and how do I fix this ?

thanks in advance

I have the same question (0)

All responses (16)

Answers (0)

Nitin Verma 21,698 Moderator on at

Like (0)

Report

RE: Administration API access - not authorized

Hi,

Please visit the below link

https://youtu.be/Tz9xMAUdzME

Was this reply helpful? Yes No
LDE 69 on at

Like (0)

Report

RE: Administration API access - not authorized

thanks but this did not fix or help.

Like I said, my problem is not getting the token or getting authenticated for BC api in general. that works very well.

I only the errors when I try to connect to the admin api endpoints.

Was this reply helpful? Yes No
Marco Mels on at

Like (0)

Report

RE: Administration API access - not authorized

Hello,

I did copy he link in my postman environment and it works fine. It shows me the environments of my SaaS admin center So you need to share your settings in Postman as I think that is causing the issue.

Thank you.

Was this reply helpful? Yes No
LDE 69 on at

Like (0)

Report

RE: Administration API access - not authorized

seriously ? hm. thats strange.

I use this:

whith the bearer token being th oauth token I get from my "get token" api call, which is this:

the APP permissions I posted in the original post.
so if you can point out my mistake I would really appreciate it.

thanks in advance.

Was this reply helpful? Yes No
YUN ZHU 93,880 Super User 2025 Season 2 on at

Like (0)

Report

RE: Administration API access - not authorized

Hi, hope the following helps.

Install AppSource Apps via Admin Center API

https://yzhums.com/12259/

Manage environments via Admin Center API

https://yzhums.com/15755/

Thanks.

ZHU

Was this reply helpful? Yes No
LDE 69 on at

Like (0)

Report

RE: Administration API access - not authorized

Thank you for the links.

I used your reference in postman yet I still have no success:
I still get 401- not authorized.

I can obtain the Oauth Token and these are the rights / roles of it:

and set permissions in ther azureAD app registration

I am still exactly where started. get the token, cannot connect to the admin-API

Was this reply helpful? Yes No
Suggested answer

Marco Mels on at

Like (0)

Report

RE: Administration API access - not authorized

Hello,

In Postman I am not using Bearer Token but OAUTH 2.0. This works fine.

Hope it helps.

Was this reply helpful? Yes No
LDE 69 on at

Like (0)

Report

RE: Administration API access - not authorized

could you please show me your "exact" settings in postman and in app registration for this ?

I seems to me I am wrong with my app settings in regards to URI, URL etc.

also, my app delegation permissions look different than some suggestions here (eg. I do not see the smartlist permission at all)

its also strange to see somene using V.2.3 when the official doc mentions v2.13

I really appreciate your help.

Was this reply helpful? Yes No
Suggested answer

Marco Mels on at

Like (0)

Report

RE: Administration API access - not authorized

Hello,

For OnPrem I suggested to use:

community.dynamics.com/.../business-central-on-premise-oauth2-authentication_invalidcredentials

For SaaS, these settings may differ, here they are again, note that I am using a collection and environment variables.

1. Add New collection:

Type: OAUTH 2.0

Add auth data to: Request Headers

Access Tokens: Available Tokens

Header Prefix: Bearer

Token Name: S2S OAUTH2

Grant Type: Authorization Code

Callback Url: https : // api.businesscentral.dynamics.com/v2.0/Production/api/v2.0

Authorize URL: https : // login.microsoftonline.com/{{TENANTAADID}}/oauth2/v2.0/authorize

Access Token URL: https : // login.microsoftonline.com/{{TENANTAADID}}/oauth2/v2.0/token

Client ID: {{CLIENTID}}

Client Secret: {{CLIENTSECRET}}

Scope: {{SCOPE}} //NOTE THAT {SCOPE}} is a variable defined in postman: https : // api.businesscentral.dynamics.com/.default) (without the additional spaces to prevent reformatting of the url)

Client Authentication: Send client credentials in body

NOTE: add environmental values in Postman and add actual values for SCOPE, ClientID, etc.

You can clear cookies and then get new access token. The client ID must be added as an applicatdion to Azure AD in BC and consent must be granted first.

After that, add a new tab with GET and then the url for the admin center (and point it to the collection, use inherit from parent for authentication and save the tab first for changes to take effect).

Note that I also added some additional reply urls in the app registration for the api.businesscentral.dynamics.com, etc.

Hope it helps.

Was this reply helpful? Yes No
Thierry Permentier 5 on at

Like (0)

Report

RE: Administration API access - not authorized

Did you found the solution yet? Have the same issue ... thanks!

Was this reply helpful? Yes No