Skip to main content

Notifications

Small and medium business | Business Central, N...
Suggested answer

OAuth2.0 Multitenant application for Business Central

Posted on by 5

Hi everyone.

My team is developing application that will have option to connect to Dznamics 365 BC.

We want to have following use case:

Our user want's to retrieve some data from BC API, such as Invoices, Customer info and Products. 

Our idea for connecting to API is that user uses his account to sign-in as user with Oauth2.0, we retrieve tokens and access API.

So now, my question is, is this possible to do if we create single Oauth2.0 Application on our tenant AD, and use client-id/secret in our application to authorize users.

Will our users be able to login with their credentials to access data that is on Business Central on their tenant?

Is this possible, or maybe we should use some other approach, like S2S or something else?

  • Suggested answer
    DAnny3211 Profile Picture
    DAnny3211 9,272 Super User 2024 Season 1 on at
    RE: OAuth2.0 Multitenant application for Business Central

    hi

    yes

    look this

    learn.microsoft.com/.../authenticate-web-services-using-oauth

    DAniele

  • Suggested answer
    Marco Mels Profile Picture
    Marco Mels on at
    RE: OAuth2.0 Multitenant application for Business Central

    Hello,

    The answer is written here:

    learn.microsoft.com/.../automation-apis-using-s2s-authentication

    Two main scenarios are enabled with S2S authentication:

    1. Company setup using automation API

    Automation APIs provide capability for automating company setup through APIs. The automation APIs are used to hydrate tenants, that is, to bring them to an initial state.

    The D365 Automation entitlements give access to APIs in the /api/microsoft/automation route by using the OAuth client credentials flow. An application token with the Automation.ReadWrite.All scope is needed for accessing Business Central Automation APIs.

    2. External user and non-interactive user access to APIs and web services.

    S2S authentication enables both external user and non-interactive user access to Business Central online. Refer to license guide for scenarios and usage. An application token with the API.ReadWrite.All scope is needed for accessing Business Central APIs and web services.

    The APP registration can be multitenant or singletenant.

    Hope it helps.

    Thank you.

  • RE: OAuth2.0 Multitenant application for Business Central

    We've studied S2S, and decided to go with it.

    Now, if I understood everything correctly. If we enable app for S2S to be multitenant, let's consider following example:

    We created App registration on our tenant A.

    Our first customer belongs to tenant B, he adds our app and grants consent to us.

    Our second customer belongs to tenant C, he adds our app and grants consent to us.

    When I request access token in my application, I will use login.microsoftonline.com/.../token and receive my token.

    How will I know for which customer to use API for,

    should I use api.businesscentral.dynamics.com/.../v2.0 URL together with my access token instead of

    api.businesscentral.dynamics.com/.../v2.0

    How do I differentiate between different customers/tenants?

    I've tried searching online, but couldn't find any resource explaining multitenant case for BC API with S2S.

  • Suggested answer
    Marco Mels Profile Picture
    Marco Mels on at
    RE: OAuth2.0 Multitenant application for Business Central

    Hello,

    Please take a look here:

    learn.microsoft.com/.../automation-apis-using-s2s-authentication

    Thank you.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Community AMA December 12th

Join us as we continue to demystify the Dynamics 365 Contact Center

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,240 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,149 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans