Skip to main content

Notifications

Announcements

No record found.

Microsoft Dynamics AX (Archived)

Commerce Runtime Authorization Failed- The user is not authorized to perform this operation

(0) ShareShare
ReportReport
Posted on by Microsoft Employee

Hello All,

I am using retail server oData API to create a customer and my code is as following:

AuthenticationContext authenticationContext = new AuthenticationContext(ClientConfiguration.OneBox.ActiveDirectoryTenant, false);
AuthenticationResult authResult = null;
String clientId = ClientConfiguration.OneBox.ActiveDirectoryClientAppId.ToString();
String clientSecret = ClientConfiguration.OneBox.ActiveDirectoryClientAppSecret.ToString();
authResult = authenticationContext.AcquireTokenAsync("xxxx.sandbox.ax.dynamics.com", new ClientCredential(clientId, clientSecret)).GetAwaiter().GetResult();
Contoso.Commerce.RetailProxy.Authentication.ClientCredentialsToken clientCredentialsToken = new Contoso.Commerce.RetailProxy.Authentication.ClientCredentialsToken(authResult.AccessToken);
Contoso.Commerce.RetailProxy.RetailServerContext retailServerContext = Contoso.Commerce.RetailProxy.RetailServerContext.Create(new Uri("xxxx.sandbox.ax.dynamics.com/Commerce"), "068", clientCredentialsToken);
managerFactory= ManagerFactory.Create(retailServerContext);


// Loading categories.
try
{

//ICategoryManager customerManager = managerFactory.GetManager<ICategoryManager>();
//PagedResult<Category> categories = customerManager.GetCategories(channelConfiguration.RecordId,new QueryResultSettings { Paging = new PagingInfo { Skip = 0, Top = 100 } }).GetAwaiter().GetResult();

Contoso.Commerce.RetailProxy.ICustomerManager customerManager = managerFactory.GetManager<Contoso.Commerce.RetailProxy.ICustomerManager>();
long salt = DateTime.Now.Ticks;
Contoso.Commerce.RetailProxy.Customer customer = null;
customer = new Contoso.Commerce.RetailProxy.Customer { AccountNumber = string.Empty, Email = "mail" + salt + "@contoso.com", FirstName = "Demo", CustomerTypeValue = 1 };
customer = customerManager.Create(customer).GetAwaiter().GetResult();

}
catch(Exception ex)
{

}

It throws exception at customerManager.Create(customer).GetAwaiter().GetResult() line:

Exception of type 'Contoso.Commerce.RetailProxy.UserAuthorizationException' was thrown.The user is not authorized to perform this operation.

at Contoso.Commerce.RetailProxy.CommunicationExceptionHelper.ThrowAsCommerceException(Exception exception) in K:\RetailSDK\Proxies\RetailProxy\Exceptions\CommunicationExceptionHelper.cs:line 44
at Contoso.Commerce.RetailProxy.RetailServerContext.ParseInnerException(Exception ex) in K:\RetailSDK\Proxies\RetailProxy\Contexts\RetailServerContext.cs:line 760
at Contoso.Commerce.RetailProxy.RetailServerContext.<ExecuteWithExceptionHandlingAsync>d__57`1.MoveNext() in K:\RetailSDK\Proxies\RetailProxy\Contexts\RetailServerContext.cs:line 874
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Contoso.Commerce.RetailProxy.RetailServerContext.<Create>d__43`1.MoveNext() in K:\RetailSDK\Proxies\RetailProxy\Contexts\RetailServerContext.cs:line 473
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Contoso.Commerce.RetailProxy.CustomerManager.<Create>d__2.MoveNext() in K:\RetailSDK\Proxies\RetailProxy\Managers.g.cs:line 2466
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()

When I debug inside the Retail proxy code I see that it is trying to post to following URL:

https://XXXX.contosodevret.sandbox.ax.dynamics.com/Commerce/Customers?api-version=7.1

This URL is anyways not accessible from browser as it asks for user id and password.

I am using AAD as mentioned in the code for Service to Service authentication and have done all the configuration as described below:

shanalikhan.github.io/.../enable-application-mode-dynamics-retail-server.html

I can open following URL:

https://XXXX.contosodevret.sandbox.ax.dynamics.com/Commerce/

and can even browse through metadata using the below URL without any authentication

https://XXXX.contosodevret.sandbox.ax.dynamics.com/Commerce/$metadata

Your urgent answer will help me.

Exception of type 'Contoso.Commerce.RetailProxy.UserAuthorizationException' was thrown.The user is not authorized to perform this operation.

*This post is locked for comments

  • SergeyP Profile Picture
    SergeyP 2,928 on at
    RE: Commerce Runtime Authorization Failed- The user is not authorized to perform this operation

    Majority of product APIs are not exposed to Application context, only those which are related to eCommerce publishing.

    P. S.

    If possible please try to avoid creating duplicated posts in different threads - it is hard for the community to benefit from them.

  • SergeyP Profile Picture
    SergeyP 2,928 on at
    RE: Commerce Runtime Authorization Failed- The user is not authorized to perform this operation

    The blog explains how to use Service to Service so you have required knowledge when you will extend Retail Server. Only very few APIs are available in Application context out of the box - those which are needed for eCommerce Publishing.

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Microsoft_Dynamics_Commerce_Runtime_AuthorizationFailed- The user is not authorized to perform this operation

    Hi Sergey,

    I tried even for products and i got the same error:

    PagedResult<Product> products = productManager.ReadAll(new QueryResultSettings { Paging = new PagingInfo { Skip = 0, Top = 100 } }).GetAwaiter().GetResult();

    Please suggest.

    Best Regards,

    Vivek

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Microsoft_Dynamics_Commerce_Runtime_AuthorizationFailed- The user is not authorized to perform this operation

    Do you mean that all other APIs like products, orders are available and that should work?

    I have followed your post Support for Service to Service authentication in Retail Server and based on that only I have setup.

  • SergeyP Profile Picture
    SergeyP 2,928 on at
    RE: Microsoft_Dynamics_Commerce_Runtime_AuthorizationFailed- The user is not authorized to perform this operation

    No any Retail Server's CustomerX APIs are available via Application context (only C1 and eCommerce scenarios are supported out of the box), if you need that functionality you should create an extension for Retail Server and decorate your controller/methods with CommerceRoles.Applicatoin as explained in Support for Service to Service authentication in Retail Server

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Congratulations 2024 Spotlight Honorees!

Kudos to all of our 2024 community stars! 🎉

Meet the Top 10 leaders for December!

Congratulations to our December super stars! 🥳

Get Started Blogging in the Community

Hosted or syndicated blogging is available! ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,642 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,371 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans