Hi everyone,
I'm trying to call an API exposed by a partner, that seems to have a grant type for which I can't find any method in BC.
In postman, the grant type that i'm using is "Password credentials" that uses both a username/password and an Id/secret, but i can't find any corresponding method in the Oauths codeunits.
Note that the "client credentials" method is simply unauthorized.
Is that even possible to do in BC ?
Glad to have been helpful :)
Solved ! I tried your suggestion and just changed it to :
Hi Gian,
This is what my request and response looks like in Postman when using password grant type
Hi, just adding some info about Oauth, hope that gives you some hints.
https://yzhums.com/20690/
https://yzhums.com/33195/
Thanks.
ZHU
I believe you must first retrieve the access token, and then you must use it as the bearer authentication method in subsequent calls.
Try this:
procedure HttpRequest() var Token: Text; AuthString: Text; BearerLbl: Label 'Bearer %1', Locked = true; begin Token := GetToken(); Headers := Client.DefaultRequestHeaders(); AuthString := StrSubstNo(BearerLbl, Token); Headers.Add('Authorization', AuthString); RequestMessage.SetRequestUri(URL); // your code Client.Send(RequestMessage, ResponseMessage); end; procedure GetToken(): Text var UriBuilder: Codeunit Uri; Content: HttpContent; ContentHeaders: HttpHeaders; Request: HttpRequestMessage; Response: HttpResponseMessage; ResponseText: Text; Token: Text; ContentText: Text; begin ContentText := 'grant_type=client_credentials' '&client_id=' UriBuilder.EscapeDataString(ClientId) '&client_secret=' UriBuilder.EscapeDataString(ClientSecret) '&scope=' UriBuilder.EscapeDataString(Scope); Content.GetHeaders(ContentHeaders); ContentHeaders.Remove('Content-Type'); ContentHeaders.Add('Content-Type', 'application/x-www-form-urlencoded'); Request.Method := 'POST'; Request.SetRequestUri(Url); Request.Content(Content); if Client.Send(Request, Response) then if Response.IsSuccessStatusCode() then if Response.Content.ReadAs(ResponseText) then Token := ResponseText; //check responsetext; sometimes is a json with key access_token end;
Don't forget to help the community by Verifying the answer and Like it if your question has been answered. It will let others know that the topic has verified answer.
Thanks & Regards,
Gian
Hi,
You try as per below parameters
grant_type=client_credentials
&client_id=144439fc-3c33-XXXXXXXXX4c28a23
&scope=api.businesscentral.dynamics.com/.default
&client_secret=nV38Q~oHl4hJ6eXXXXXXXXXXosdxZtLiMNaGx
hello ,
in postman, the variable "ClientID" and "ClientSecret" how are used? you can show the call log (obscuring sensitive data)
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
André Arnaud de Cal... 291,228 Super User 2024 Season 2
Martin Dráb 230,056 Most Valuable Professional
nmaenpaa 101,156