Skip to main content

Notifications

Small and medium business | Business Central, N...
Answered

Grant Type password credentials with Oauth ?

Posted on by 69

Hi everyone, 

I'm trying to call an API exposed by a partner, that seems to have a grant type for which I can't find any method in BC. 

In postman, the grant type that i'm using is "Password credentials" that uses both a username/password and an Id/secret, but i can't find any corresponding method in the Oauths codeunits. 

pastedimage1681227639658v1.png

Note that the "client credentials" method is simply unauthorized.

Is that even possible to do in BC ? 

  • Amolm Profile Picture
    Amolm 19 on at
    Grant Type password credentials with Oauth ?
    I think I got it..

    We have to write :
     
     ContentText := 'grant_type=password' +
                                        '&client_id=' + UriBuilder.EscapeDataString(ClientID) +
                                '&client_secret=' + UriBuilder.EscapeDataString(ClientSecret) +
                                '&username=' + UriBuilder.EscapeDataString(UserID) +
                                '&password=' + UriBuilder.EscapeDataString(UserPassword) +
                                '&scope=' + UriBuilder.EscapeDataString('all');

    Content.WriteFrom(ContentText);   //Aditional
     
    And rest all suggested by Gian
     
     
     
  • Amolm Profile Picture
    Amolm 19 on at
    Grant Type password credentials with Oauth ?
    Hi,

    I want to use the same "Grant-Type" as "password" in one of the application token generator.
     
    And I do see the code recommendation from Gian and Valentine.
     
    But I am not sure where and how this variable is used. 
     
    "ContentText".
     
     
    In Postman, I use this data in Request Body.
     
    Could someone help here?
  • Gianfranco C. Profile Picture
    Gianfranco C. 370 on at
    RE: Grant Type password credentials with Oauth ?

    Glad to have been helpful :)

  • Valentine Motin Profile Picture
    Valentine Motin 69 on at
    RE: Grant Type password credentials with Oauth ?

    Solved ! I tried your suggestion and just changed it to : 


            ContentText := 'grant_type=password' +
                                        '&client_id=' + UriBuilder.EscapeDataString(ClientID) +
                                '&client_secret=' + UriBuilder.EscapeDataString(ClientSecret) +
                                '&username=' + UriBuilder.EscapeDataString(UserID) +
                                '&password=' + UriBuilder.EscapeDataString(UserPassword) +
                                '&scope=' + UriBuilder.EscapeDataString('all');
    It works ! Thank you so much for your answers
  • Valentine Motin Profile Picture
    Valentine Motin 69 on at
    RE: Grant Type password credentials with Oauth ?

    Hi Gian,

    This is what my request and response looks like in Postman when using password grant type

    pastedimage1681286880380v1.png

  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 73,339 Super User 2024 Season 2 on at
    RE: Grant Type password credentials with Oauth ?

    Hi, just adding some info about Oauth, hope that gives you some hints.

    https://yzhums.com/20690/
    https://yzhums.com/33195/

    Thanks.

    ZHU

  • Verified answer
    Gianfranco C. Profile Picture
    Gianfranco C. 370 on at
    RE: Grant Type password credentials with Oauth ?

    I believe you must first retrieve the access token, and then you must use it as the bearer authentication method in subsequent calls.
    Try this:

        procedure HttpRequest()
        var
            Token: Text;
            AuthString: Text;
            BearerLbl: Label 'Bearer %1', Locked = true;
        begin
            Token := GetToken();
    
            Headers := Client.DefaultRequestHeaders();
            AuthString := StrSubstNo(BearerLbl, Token);
            Headers.Add('Authorization', AuthString);
    
            RequestMessage.SetRequestUri(URL);
            // your code
            Client.Send(RequestMessage, ResponseMessage);
    
        end;
    
        procedure GetToken(): Text
        var
            UriBuilder: Codeunit Uri;
            Content: HttpContent;
            ContentHeaders: HttpHeaders;
            Request: HttpRequestMessage;
            Response: HttpResponseMessage;
            ResponseText: Text;
            Token: Text;
            ContentText: Text;
        begin
            ContentText := 'grant_type=client_credentials'  
                                '&client_id='   UriBuilder.EscapeDataString(ClientId)  
                                '&client_secret='   UriBuilder.EscapeDataString(ClientSecret)  
                                '&scope='   UriBuilder.EscapeDataString(Scope);
    
            Content.GetHeaders(ContentHeaders);
            ContentHeaders.Remove('Content-Type');
            ContentHeaders.Add('Content-Type', 'application/x-www-form-urlencoded');
    
            Request.Method := 'POST';
            Request.SetRequestUri(Url);
            Request.Content(Content);
    
            if Client.Send(Request, Response) then
                if Response.IsSuccessStatusCode() then
                    if Response.Content.ReadAs(ResponseText) then
                        Token := ResponseText; //check responsetext; sometimes is a json with key access_token
        end;
    

    Don't forget to help the community by Verifying the answer and Like it if your question has been answered. It will let others know that the topic has verified answer.

    Thanks & Regards,
    Gian

  • Suggested answer
    Nitin Verma Profile Picture
    Nitin Verma 21,091 Super User 2024 Season 1 on at
    RE: Grant Type password credentials with Oauth ?

    Hi,

    You try as per below parameters

    grant_type=client_credentials
    &client_id=144439fc-3c33-XXXXXXXXX4c28a23
    &scope=api.businesscentral.dynamics.com/.default
    &client_secret=nV38Q~oHl4hJ6eXXXXXXXXXXosdxZtLiMNaGx

  • Gianfranco C. Profile Picture
    Gianfranco C. 370 on at
    RE: Grant Type password credentials with Oauth ?

    hello ,

    in postman, the variable "ClientID" and "ClientSecret" how are used? you can show the call log (obscuring sensitive data)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Community AMA December 12th

Join us as we continue to demystify the Dynamics 365 Contact Center

New! Quick response templatesâš¡

Save time with the new custom templates!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,228 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,056 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans