1 Overview
Microsoft has made OAuth authentication with Business Central the preferred security method. This article outlines the steps required to setup OAuth authentication and configure the DynamicPoint Portal application to leverage this authentication method.
2 App Registration in Azure
- Logon to you Azure Portal
- Search for “App Registrations”
- Select New Registration
- Give the registration a logical name, such as “Business Central Web Services for Portal”
- Leave all other options as default and click Register.
- Click API permission from the left hand navigation and Add a permission.
- Under the Microsoft APIs tab select Dynamics 365 Business Central
- Select Delegated Permissions
- Check both user_impersonation as well as Financials.ReadWrite.All
- Click Add Permissions
- Click Grant admin consent and click yes to the dialog message
- Click on the left hand navigation to Authentication
- Change the Allow public client flows to Yes and save the page
- Click back on Overview from the left hand navigation and copy the Application (client) ID. Save it to notepad such that it is available in the next step.
3 Customer / Vendor Portal
- Logon to the application as an administrator
- Click the gear in the upper right corner and select Credentials
- Click CREATE
- With the Create Credential section, under Credential Type, select Azure AD Delegate
- Complete the following fields:
– Integration User – Your business central user as an email <example@company.com>
*Note: This account MUST be a valid Business Central service user that does NOT require Multi-Factor Authentication.
– Password – The Office 365 password of the user
– Client ID – With the value copied from the registration
- Click CREATE to Save New Credential.
- Go into your Portal Services to change the credential to your new OAUTH Credential
