web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / HttpClient with Author...
Small and medium business | Business Central, N...
Suggested Answer

HttpClient with Authorization Issue

(1) ShareShare
ReportReport
Posted on by Greg Kujawa 787
So I have an AL codeunit procedure that obtains an access token from a third-party API service provider. The initial authorization isn't Basic or Bearer. It just requires the consumer the set an Authorization header value with the API key. If I make a test API request using Postman it works fine. From AL I'm getting an error stating.
 
The format of value '{myApiKey}' is invalid.
I redacted the {myApiKey} value, but it's a text value. A total of 108 characters. Below is my procedure. Specifically the procedure is failing at the Authorization header value being added. I have another procedure that makes an API call using an Authorization: Bearer {myAccessToken} header assignment, and that works fine. It must be something in BC 365 that doesn't like an Authorization header without the Basic or Bearer qualification. Any idea how I can resolve this issue?
 
procedure ObtainRestAccessToken(RequestUrl: Text; ApiKey: Text): Text
    var
        Client: HttpClient;
        RequestHeaders: HttpHeaders;
        RequestContent: HttpContent;
        ResponseMessage: HttpResponseMessage;
        RequestMessage: HttpRequestMessage;
        ResponseText: Text;
        ContentHeaders: HttpHeaders;
        JToken: JsonToken;
    begin
        RequestHeaders := Client.DefaultRequestHeaders();
        RequestHeaders.Add('Accept', 'application/json');
        RequestHeaders.Add('Authorization', ApiKey);
 
        RequestContent.GetHeaders(ContentHeaders);
        ContentHeaders.Clear();
        ContentHeaders.Add('Content-Type', 'application/json');
 
        Client.Post(RequestUrl, RequestContent, ResponseMessage);
        ResponseMessage.Content().ReadAs(ResponseText);
        JToken.ReadFrom('access_token');
        exit(GetValueAsText(JToken, ResponseText));
    end;
Categories:
Dynamics 365 Business Central
I have the same question (0)
  • Greg Kujawa Profile Picture
    Greg Kujawa 787 on at
    And for a test, I tried the same call in PowerShell. Worked just fine with these headers set. Screen shot below.
     
  • Suggested answer
    Greg Kujawa Profile Picture
    Greg Kujawa 787 on at
    I had to change the RequestHeaders.Add to be RequestHeaders.TryAddWithoutValidation in order to get the header to work. So good now.
  • Scott_itD Profile Picture
    Scott_itD Community Manager on at
    Thanks for coming back to the community and letting us know what worked, Greg Kujawa! Much appreciated!
  • Suggested answer
    Shrey Chauhan Profile Picture
    Shrey Chauhan 284 on at
    Hello,

    You can also check this code if it's working for you
     
    procedure GetAuthorizationToken()
        begin
            Clear(JObject);
            Clear(JToken);
            Clear(JValue);
            Clear(PostmanAccessTokenValue);
            Clear(AuthTokenvalue);
            Clear(TokenExpiresValue);
            Clear(RequestMessageforToken);
            Clear(Content);
            Clear(RequestHeaderforToken);
            Clear(ContentHeaders);
            Clear(ResponseMessage);
            Clear(ResponseText);
            Content.GetHeaders(contentHeaders);
            RequestMessageforToken.GetHeaders(RequestHeaderforToken);
            RequestHeaderforToken.Add('api-key', Rec."api-key");
            RequestMessageforToken.SetRequestUri(Rec."Authorization URL");
            RequestMessageforToken.Method('POST');
            if ContentHeaders.Contains('Content-Type') then ContentHeaders.Remove('Content-Type');
            ContentHeaders.Add('Content-Type', 'application/json');
            RequestMessageforToken.Content(Content);
            IsSuccessful := HttpClient.Send(RequestMessageforToken, ResponseMessage);
            if not IsSuccessful then
                Error('Status Code: %1\ Reason : %2', ResponseMessage.HttpStatusCode, ResponseMessage.ReasonPhrase)
            else begin
                ResponseMessage.Content.ReadAs(ResponseText);
                JObject.ReadFrom(ResponseText);
                // Read the token from the response text and store the value on configuration page field Token Value.
                if JObject.Contains('token') then begin
                    JObject.Get('token', JToken);
                    JValue := JToken.AsValue();
                    AuthTokenvalue := Format(JValue);
                    PostmanAccessTokenValue := DelChr(AuthTokenvalue, '=', '"');
                    Rec."Authorization Token" := PostmanAccessTokenValue;
                    Rec.Modify();
                end
                else begin
                    Error('The "Authorization Token" is not generated.');
                end;

    Hope this help you,
    May other experts give you correct solution.

    Thank you,
    Shrey Chauhan
  • Greg Kujawa Profile Picture
    Greg Kujawa 787 on at
    RequestHeaderforToken.Add('api-key', Rec."api-key");
    @shrey chauhan, thanks for the reply. But this doesn't address the actual header that I specified was required. This header you suggested essentially is "api-key: {whateverApiKeyValue}" whereas the API service provider requires a header of "Authorization: {whateverApiKeyValue}." The solution was adding the header through TryAddWithoutValidation, since for some unknown reason the AL interpreter was rejecting the Authorization header not having a value with a leading Basic, Bearer, etc. qualifier.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the March Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 1,949 Super User 2026 Season 1

#2
YUN ZHU Profile Picture

YUN ZHU 1,064 Super User 2026 Season 1

#3
Khushbu Rajvi. Profile Picture

Khushbu Rajvi. 559 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans