1 Overview
Microsoft has made OAuth authentication with Business Central the preferred security method. This article outlines the steps required to setup OAuth delegated authentication and configure the DynamicPoint EasyEXP365 application to leverage this authentication method.
2 App Registration in Azure
- Logon to you Azure Portal
- Search for “App Registrations”
- Select New Registration
- Give the registration a logical name, such as “Business Central Web Services for EasyEXP365”
- Leave all other options as default and click Register.
- Click API permission from the left hand navigation and Add a permission.
- Under the Microsoft APIs tab select Dynamics 365 Business Central
- Select Delegated Permissions
- Check both user_impersonation as well as Financials.ReadWrite.All
- Click Add Permissions
- Click Grant admin consent and click yes to the dialog message
- Click on the left hand navigation to Authentication
- Change the Allow public client flows to Yes and save the page
- Click back on Overview from the left hand navigation and copy the Application (client) ID. Save it to notepad such that it is available in the next step.
3 EasyEXP365
- Logon to the application as an administrator
- Click the gear in the upper right corner and select ERP settings
- With the Security Settings section, under Credential Type, select Azure AD Delegate
- Complete the following fields:
– Account – Your business central user as an email <example@company.com>
*Note: This account MUST be a valid Business Central service user that does NOT require Multi-Factor Authentication.
– Password – The Office 365 password of the user
– Client ID – With the value copied from the registration
- Click test and ensure it is successful
- Click save
