Small and medium business | Business Central, N...

Issue Retrieving Bearer Tokens for Business Central API Access in a C# Method

(1) Share

Report

Posted on by Kevin Fernandez

Hello,

I am attempting to access the Business Central API from a C# application. The program successfully connects to BC and gets a token, but the request using that token fails with StatusCode: 401, ReasonPhrase: 'Unauthorized'.

This process works fine in Postman, and if I copy the token from the working Postman and paste it into the C# code, the API request works fine. The token retrieved from BC appears to be much shorter than the one that is obtained in Postman.

I'm guessing it's something simple I am missing, but I can find what that might be.

Here is my code.

static async Task RunApiTest()
{
try
{
string bearerToken = "";
string ClientId = "(removed)";
string ClientSecret = "(removed)";
string TenantId = "(removed)";

string tokenUrl = $"https://login.microsoftonline.com/{TenantId}/oauth2/v2.0/token";

HttpClient client = new HttpClient();
var content = new StringContent("grant_type=client_credentials" +
"&scope=https://api.businesscentral.dynamics.com/.default" +
"&client_id=" + HttpUtility.UrlEncode(ClientId) +
"&client_secret=" + HttpUtility.UrlEncode(ClientSecret));
content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded");
var response = await client.PostAsync(tokenUrl, content);

if (response.IsSuccessStatusCode)
{
var tokenContent = await response.Content.ReadAsStringAsync();
var tokenResponse = Newtonsoft.Json.JsonConvert.DeserializeObject<TokenResponse>(tokenContent);
bearerToken = tokenResponse.AccessToken;
string apiUrl = $"https://api.businesscentral.dynamics.com/v2.0/(removed)/Sandbox/api/v2.0/companies((removed))/customers";
HttpClient httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Add("Authorization", "Bearer " + bearerToken);
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var apiRespponse = await httpClient.GetAsync(apiUrl);
if (apiRespponse.IsSuccessStatusCode)
{
string resultString = await httpClient.GetStringAsync(apiUrl);
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
public class TokenResponse
{
[Newtonsoft.Json.JsonProperty("access_token")]
public string AccessToken { get; set; }
}

Thanks!

Categories:

Dynamics 365 Business Central

I have the same question (0)

All responses (3)

Answers (0)

Suggested answer

YUN ZHU 95,647 Super User 2025 Season 2 on at

Like (2)

Report

Hi, Sorry, I'm not sure. It seems to be the problem in this part. If it is written as fixed, can it pass authorization?

Here is the Oauth test I did in Power Automate, hope it can give you some hints.

https://yzhums.com/33195/

Thanks.

ZHU

Was this reply helpful? Yes No
Gerardo Rentería Ga... 25,225 Most Valuable Professional on at

Like (1)

Report

Hi Have you tried configuring the application in the admin center?

Best

GR

Was this reply helpful? Yes No
Suggested answer

Chavda Dharmendra 1,000 on at

Like (3)

Report

Hello,

The below code is working fine for me.

try this one.

static async Task Main1(string[] args)
{
string ClientId = "(removed)";
string ClientSecret = "(removed)";
string TenantId = "(removed)";
string URL = "https://login.microsoftonline.com/" + TenantId + "/oauth2/v2.0/token";
HttpClient client = new HttpClient();
var content = new StringContent("grant_type=client_credentials" +
"&scope=https://api.businesscentral.dynamics.com/.default" +
"&client_id=" + HttpUtility.UrlEncode(ClientId) +
"&client_secret=" + HttpUtility.UrlEncode(ClientSecret));
content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded");
var response = await client.PostAsync(URL, content);
if (response.IsSuccessStatusCode)
{
JObject Result = JObject.Parse(await response.Content.ReadAsStringAsync());
string BearerToken = Result["access_token"].ToString();
//Token Generated

// API CAll
var client1 = new RestClient("https://api.businesscentral.dynamics.com/v2.0/TenantId/Sandbox/ODataV4/Company('CRONUS%20IN')/ItemCard('1896-S')");
client1.Timeout = -1;
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "Bearer " + BearerToken);
IRestResponse response1 = client1.Execute(request);
Console.WriteLine(response1.Content);
}
else
{
Console.WriteLine(response.Content);
}

}

If it works then mark a verified answer.

1 people found this reply helpful.

Was this reply helpful? Yes No