web
You’re offline. This is a read only version of the page.
close
Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Business Central web s...
Small and medium business | Business Central, N...
Suggested answer

Business Central web services Query param instead of header param

(0) ShareShare
ReportReport
Posted on by Salomon 5

Heya

trying to connect to the web services via javascript. Having a really hard time succeeding. Keeps giving me a cors error. Wonder - Is it possible to connect to it with a query param instead of a header param? My experience is, that it is a lot easier. Example: 

localhost:endpoint/username=xxxxx&password=&&&&&&

Currently I'm doing as follows (but i keep getting 401 even though I'm certain the credentials are correct.):

    <script>
  async function getUser() {
        try {
            const response = await fetch("">xxxxx.dv.local:7048/.../xxxxxxx", {
            method: 'GET',
            mode: 'no-cors',
            headers: {
                accept: 'application/json',
                'Authorization': 'Basic '+btoa('xxxxxx:xxxxxxx.')
            },
            });

            if (!response.ok) {
            throw new Error(`Error! status: ${response.status}`);
            }

            const result = await response.json();
            console.log(result)
            return result;
        } catch (err) {
            console.log(err);
        }
        }

        getUser();
    </script>

I have the same question (0)
  • Salomon Profile Picture
    Salomon 5 on at
    RE: Business Central web services Query param instead of header param

    pastedimage1659358874930v1.png

    It seems i can only authenticate via NTLM. This does not provide a javascript code snippet that is functional. Am not completely sure why this is the case.

  • Salomon Profile Picture
    Salomon 5 on at
    RE: Business Central web services Query param instead of header param

    Hey Jeffrey

    Not too worrid about exposing the credentials as it is an on-premise application. However i will look into switching to Oath2 if possible for a localhosted BC365.

  • Salomon Profile Picture
    Salomon 5 on at
    RE: Business Central web services Query param instead of header param

    Tried it in postman but can strangely only get it to work with NTLM authentication. This does not provide a code snippet that is functional in Javascript.

  • Suggested answer
    Nitin Verma Profile Picture
    Nitin Verma 21,613 Moderator on at
    RE: Business Central web services Query param instead of header param

    Hi,

    Its not recommended to use URL with credentials, you can try OAuth.

    Thanks.

  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 90,113 Super User 2025 Season 2 on at
    RE: Business Central web services Query param instead of header param

    Hi, This seems to be an authentication issue.
    Although Microsoft recommends Oauth, it can still be used until BC21.

    You can test it in PostMan and then turn to Code.

    pastedimage1659313936981v1.png

    Hope this helps.

    Thanks.

    ZHU

  • Suggested answer
    Jeffrey Bulanadi Profile Picture
    Jeffrey Bulanadi 6,939 on at
    RE: Business Central web services Query param instead of header param

    Hi Salomon,

    This is vulnerable to web attacks as you exposed the credentials thru url.

    Going back to your requirements, Microsoft recommends to use the OAuth 2.0 authentication method. Below links is much easier to understand as it shows an actual procedure how to do it.

    robertostefanettinavblog.com/.../

    www.kauffmann.nl/.../

    https://yzhums.com/20690/

    If you find this useful please give it a like or verify the answer. By this way you can help other members know that the topic has been answered. Have a nice day. Thank you.

    Cheers,

  • Suggested answer
    Inge M. Bruvik Profile Picture
    Inge M. Bruvik 1,035 Moderator on at
    RE: Business Central web services Query param instead of header param

    You should probably switch to Oauth instead of basic authentication.

    Here are some links for you:

    docs.microsoft.com/.../authenticate-web-services-using-oauth

    docs.microsoft.com/.../web-services-authentication

  • Salomon Profile Picture
    Salomon 5 on at
    RE: Business Central web services Query param instead of header param

    Not Cors but 401 Unathorized.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Dynamics 365 Community Calls Return
Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft
Responsible AI policies for the Community

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Andrés Arias – Community Spotlight

We are honored to recognize Andrés Arias as our Community Spotlight honoree for…

Congratulations to the August Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
Sohail Ahmed Profile Picture

Sohail Ahmed 2,678 Super User 2025 Season 2

#2
Sumit Singh Profile Picture

Sumit Singh 2,635

#3
Jeffrey Bulanadi Profile Picture

Jeffrey Bulanadi 2,210

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans