In Business Central, Web Service Access Key is used for the authentication of business central from external applications. But unfortunately business central stopped the usage web service access key. There is another choice to authenticate Business central which is Azure Active Directory App.
This article guides you to register an app in Azure Active Directory and make the application data accessible for external client applications with OAuth authentication. The registered app allows you to read and write data in the application data. We can also register the app for other Dynamics 365 applications like CRM, Business Central/NAV and Finance and Operations. Let's dive into the process.
Prerequisites:
- Microsoft account with Dynamics 365 Business Central license
- The account should have administrator privilege
Steps:
- Login to azure portal and click on Active Directory.
- Select App Registration under the + Add dropdown
- A form opens aside, fill a meaningful name for your app, select Multi-tenant for account type, in the Redirect URI select platform as web and give url as https://businesscentral.dynamics.com/ and click on Register to create an app.
- In some seconds, the app got created and you have got to see the client id and tenant id.
- In the API Permissions menu click on + Add a permission,
- Select the desired app for enabling client to access. I have selected Dynamics 365 Business Central.
- Select the delegated permissions, check all the permissions and select all the permission under Application permissions also. Then click on Add permissions.
- After giving the consent, check all the permissions are getting the admin consent and finally the permissions list will looks like the below image
- In the Certificated & Secrets menu, click on the + New client secret, In the pop-up add a name, select the expiration duration and click Add.
- Navigate to the Business Central and search for Azure Active Directory applications and get into it.
- Click on + to add a new record. Add the Client ID and Description from the registered Azure App
- Change the State field value to Enabled and click on Yes in the confirmation alert.
- In the User Groups, select the D365 FINANCE, D365 ACCOUNTANTS and D365 FULL ACCESS from the list.
- Using this app you can connect Business Central to external system using these client id and secret