web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Season of Giving Solutions is Here!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Email from BC - The op...
Small and medium business | Business Central, N...
Suggested Answer

Email from BC - The operation was aborted to prevent exposing a secret value.

(5) ShareShare
ReportReport
Posted on by FW-22101011-0 17
Hi, all,
 
I am hoping someone may be able to shed some light on an issue we are facing.
We are currently migrating from NAV 2017 to Business Central 2024 Wave 1 on prem.
 
Our current configuration is as follows:
- Webserver is in our DMZ, NAT through to the web services from Entra ID IP ranges as specified by Microsoft in following location: https://www.microsoft.com/en-us/download/details.aspx?id=56519
- BC server and SQL instance on same server on our LAN
- Firewall rules to permit traffic for client and web services from DMZ to LAN, and WAN (Entra ID IP ranges) to DMZ. 
- Permissions for the API have been configured according to the following: 
    - Graph/User.Read Delegated
    - Graph/Mail.ReadWrite Delegated
    - Graph/Mail.ReadWrite Delegated
    - Graph/Mail.Send Delegated
    - Graph/offline_access Delegated
    - Graph/Mail.Send.Shared Delegated
- Client services using SSL
- Public SSL cert for web server
- Self-signed SSL for BC server for client services, authority trusted by web server in DMZ.
 
 
We are currently able to sign in to Business Central using Entra ID successfully, and used the guides located at https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/configure-web-server
 
The Problem
The issue we are facing, is that whenever we attempt to send an email or even access the page "Email Microsoft Entra application registration" we get the error: The operation was aborted to prevent exposing a secret value.
There is very little information on this error online, and I'm not sure where to start. 
 
I have attached the error in BC, as well as the Windows Event log.
 
 
 
 
Picture1.png
Screenshot 2024-10-22 113658.png
Categories:
Dynamics 365 Business Central
I have the same question (0)
  • Khushbu Rajvi. Profile Picture
    Khushbu Rajvi. 21,042 Super User 2025 Season 2 on at
    verify that your Microsoft Entra application registration has the correct permissions, including Graph API permissions like Mail.Send and Mail.Send.Shared, with admin consent granted. Additionally, check that the redirect URIs in the application registration match those used in Business Central, and ensure your SSL configuration is correct, with the self-signed certificate trusted by the web server in the DMZ.
     
  • FW-22101011-0 Profile Picture
    FW-22101011-0 17 on at
    Khushbu - Thank you for your response, 
    For some further information, we have a verified trust to our local CA from the webserver in the DMZ.
    In my original post, I mentioned the permissions which have been configured for the email application.
     
    All services such as SOAP, OData, Management and Client services are running via SSL from the BC server.
     
    I have managed to now grant the permissions to the Outlook REST API via Entra Applications in Business Central and it seems happy with this, however I am still unable to send emails or reach the page "Email Microsoft Entra application registration" as I continue to get the error "The operation was aborted to prevent exposing a secret value.".
     
    It is worth mentioning the following:
    - We are authenticating with Entra ID via App ID and Secret, rather than the app certificate.
    - The following URLs are configured: PublicODataBaseUrl, PublicSOAPBaseURL and PublicWebBaseURL are configured to the FQDN of the WEB server in the DMZ. The ports for SOAP and OData are not currently being NAT'ed through our firewall.
     
    Could either of these (mis) configurations cause an issue with what we are trying to achieve?
     
    Thanks in advance. 
     
  • CU28101530-0 Profile Picture
    CU28101530-0 3 on at
    Hi,
     
    Unfortunately, I run into the same issue when upgrading Onprem BC23 to BC24. I haven't changed anything and suddenly it stopped working. Microsoft, what has changed suddenly?? Seems this is a bug or something in BC24 to me...
     
    I hope someone got an answer for us...
  • FP-24112140-0 Profile Picture
    FP-24112140-0 2 on at
    Hallo,
    we are facing the same issue on BC24 on premise.
    Looks like it's a bug (or new security policy) introduced with version 24.
    Does anyone found a solution or maybe any hotfix?
     
    Thanks, Flavio.
  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 95,930 Super User 2025 Season 2 on at
    Sorry I can't help you directly, I suggest you submit a SR to Microsoft to help investigate this issue.
    Or you can submit it to the BC Yammer Group first.
    aka.ms/BCYammer: Dynamics 365 Business Central Partner Community (Formerly: Development)
    More details: About Business Central partner community on Viva Engage (formerly Yammer)
     
    Thanks.
    ZHU
  • JF-15011356-0 Profile Picture
    JF-15011356-0 3 on at
    For BC24 the error appears in the procedure GetClientIDAndSecret(var ClientId: Text; var ClientSecret: Text) in codeunit 4509 "Email - Outlook API Helper" (see the "Investigate Error" button in the email outbox).
     
    There it tries to get the secret from the Isolated Storage:
    if not IsolatedStorage.Get(Setup.ClientSecret, DataScope::Module, ClientSecret) then
                Error(CannotConnectToMailServerErr);
    but ClientSecret is of Type Text.
    When setting this value in procedure SetClientSecretInStorage() in page 4509 "Email - Outlook API Setup" with this line:
    IsolatedStorage.Set(Rec.ClientSecret, SecretClientSecret, DataScope::Module);
    the SecretClientSecret is of Type SecretText
    I believe this is where the error comes from...
    It seems to be fixed in BC25 (ALAppExtensions/Apps/W1/Email - Outlook REST API/app/src/EmailOutlookAPIHelper.Codeunit.al at main · microsoft/ALAppExtensions). Now the procedure uses a SecretText for the ClientSecret:
    procedure GetClientIDAndSecret(var ClientId: Text; var ClientSecret: SecretText)
     
    For BC24 I don't really see a workaround here. Has anybody else found one?
       

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Season of Giving Solutions is Here!

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 1,688

#2
Khushbu Rajvi. Profile Picture

Khushbu Rajvi. 784 Super User 2025 Season 2

#3
YUN ZHU Profile Picture

YUN ZHU 595 Super User 2025 Season 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans