Postman is the tool which is used to develop and test API's. Let's see how you can connect the registered app for the Dynamics 365 Business Central application with the external system which is Postman to test Web API using the OAuth 2.0 Authentication.
Pre-requisites:
- Postman app - download here or use online version
- Registered Azure AD app for Business Central - Click here to see how to register an app in Azure AD.
Create a Postman Collection:
Create a collection by clicking the + icon in the top left corner of the menu. This collection holds some values which is often used for authentication and HTTP requests. Those values are declared as variables and it is reusable. The variables are simply used by placing double curly braces on both beginning and end like {{<variable name>}}. These variables are used inside another variable also.
Variable Name | Value |
---|---|
base | https://api.businesscentral.dynamics.com/ |
tenant | tenant-id |
authurl | https://login.microsoftonline.com/{{tenant}}/oauth2/authorize?resource={{base}} |
authtoken | https://login.microsoftonline.com/{{tenant}}/oauth2/token?resource={{base}} |
clientid | client id |
clientsecret | client secret |
companyId | Record id of the company |
env | environment name |
The above variables are declared in Postman collection under the variables tab and these variables are used for the upcoming OAuth 2.0 token generation. The below image shows the variables inside the collection.
Move on to the Authorization tab in the collection. select the type as OAuth 2.0. In the Configure new Token section, fill the Token Name, Grant type as implicit, use the declared variables for callback URL, Auth URL, Client ID and set Client Authentication as Send client credentials in body.
Token Generation:
Click on the Get New Access Token at the bottom of the section. Microsoft login for the authentication is required, if it is the first time otherwise the token is generated within the fraction of seconds. Click on Use Token to access the token for the requests from Postman.
Note: The token has a expiration. It should be re-generated once it is expired.
Postman Request:
https://api.businesscentral.dynamics.com/v2.0/{tenant-id}/{environment-name}/api/v2.0/companies