Hi,
My goal is to receive the Access Token programmatically, for this i decided at first to do this through Postman.
I'd like to say that my Business Central app is configured with AAD, so I have all the necessary credentials for future requests:
1) Directory (tenant) ID
2) Application (client) ID
3) Client secret
At first I'm trying to make Authorization Request to receive Authorization code. As it is written in official Oauth 2.0 documentation, I should use the authorization endpoint URI.
In my case it looks like : https://login.windows.net/{{tenantID}}/oauth2/authorize?response_type=code&client_id={{client_id}}&redirect_uri=https://businesscentral.dynamics.com/{{tenantID}}/Sandbox --- GET
This request successfully returns me an authorization code, which is necessary to request an Access token.
My next step is Access Token Request
It contains of:
grant_type
REQUIRED. Value MUST be set to "authorization_code".
code
REQUIRED. The authorization code received from the
authorization server.
redirect_uri
REQUIRED, if the "redirect_uri" parameter was included in the
authorization request, and their
values MUST be identical.
client_id
REQUIRED, if the client is not authenticating with the
authorization server
Access Token endpoint looks like:
login.microsoftonline.com/.../token --- POST
All necessary parameters are set in the body. But, without the client_secret it returns me:
"AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'."
If I set the client secret from AAD it returns me "AADSTS7000215: Invalid client secret is provided"
This client secret works if i use Postman Oauth 2.0 authentication to receive access token, so the reason is not in credentials but in my actions.
Any ideas? Thanks in advance!
