Authorize Dynamics 365 Business Central API

0
votes

I want to create a Webjob that is supposed to run on a schedule. The Purpose of the webjob is basically to check some database tables and create item(s) in Dynamics 365 BC accordingly if there are new entries in the tables. While designing an approach to achieve all this, the first step is to authenticate the API, so we could make POST Calls. The document here specifies different API endpoints which have their respective authentication mechanisms i.e. via Azure Active Directory (requires an app registeration with Delegatedpermissions for Dynamics Business Central API) or Basic Authentication. I know, we can get Access token from Azure active directory using client id and secret by:

ClientCredential clientCredential = new ClientCredential(clientId, clientSecret);
var authenticationContext = new AuthenticationContext(authorityUri, true);
AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync(resource, clientCredential).GetAwaiter().GetResult();
accessToken = authenticationResult.AccessToken;

Now, Since my web job needs to run at the back-end without any user interaction so, Azure AD authentication doesn't fit here as it requires user interaction to consent. Whereas Basic authentication is not recommended for production scenarios.
Please suggest how access token should be generated so it doesn't require user interaction.

EDIT

Per Allen's reply, basic authentication can be used for this scenario although Microsoft documents need to be updated to support this scenario. But, while exploring API endpoint https://api.businesscentral.dynamics.com/v1.0/<mydomain.com>/api/beta/companies using Postman and basic authentication, I am facing the following error:

{
    "error": {
        "code": "Authentication_InvalidCredentials",
        "message": "The server has rejected the client credentials.  CorrelationId:  641ea3fd-19d6-4402-8e68-a70145eb6da3."
    }
}

While i have generated webservice access key for my business central user and using that alongwith the username for basic authentication. I am sure that i am copying the correct webservice key. Any help will be highly appreciated.

1
c#azure-active-directorydynamics-business-central
Hi, do you have a chance to check my answer? Is it helpful? - Allen Wu

1 Answers

2
votes

The supported Authentication methods for Dynamics 365 BC are only these 2 options based on the official document:

  • Basis Authentication
  • AAD authentication

Basis Authentication is for none user interaction while AAD authentication is for user interaction.

So in your scenario AAD authentication has been Excluded, the only choice is Basis Authentication, which is for Application-only permission.

Although Basis Authentication is not recommended, you have to use it to meet your requirement currently.

And based on this post in Dynamics 365 Business Central Forum, @Stefano Demiliani has said that Basic Authentication can be used in a production environment, it only depends on your choice.