Remotes for D365 Business Central Cloud
- Morten Lindequist Køhler
OAuth - Active Directory Configuration
Firstly create an app registration in Azure portal in the subscription that the OAuth has to be configured in.
Give the app registration a name and register it.
Configure App Registration
After creating the app registration, go to API permissions option and configure the Business Central API privileges
Add the permissions necessary for your app registration, for this example Business Central gets all the privileges both in “Delegated- and Application permissions:
Add the permissions and grant them admin consent:
Next go to Certificates & secrets and create a new client secret, give the secret a suiting name and an expiry date
Copy the Value from the secret and store it somewhere safe, after leaving this page it won’t be accessible again and there must be created a new one.
The app has now been fully configured, copy the following IDs from the app in order to continue with the configuration:
Application (client) ID
Client Secret
OAuth 2.0 authorization endpoint (v2)
OAuth 2.0 token endpoint (v2)
D365 Business Central - Azure Active Directory Applications
In order to authorize the Azure app registration in Business Central it must be added in Business Central.
Open Business Central and search for “Azure Active Directory Applications” open the page and click “New” insert the app registration’s Application (client) ID and give it a suiting name.
Give the right amount of permissions which the app can authorize to, in this example the app registration has full D365 access:
Test OAuth in Postman
Expose a web service in Business Central (could be Item List) and copy the web service’s OData URL and paste it in Postman.
Go to the Authorization tab and select the type OAuth 2.0, scroll down to the “Configure New Token” section and fill out the fields, this is where the copied IDs will be used from the previous step.
Give the token a name, the grant type must be “Client Credentials”:
In Postman a scope must be defined, for testing purpose the following scope is sufficient “ https://api.businesscentral.dynamics.com/.default “
Lastly click Get New Access Token, and copy the token, now scroll up and paste it in the token section:
Once the token has been pasted the request for the web service can be sent:
Test in Perfion
Go to Remote Queries in Perfion Administration, create a new remote query and a new connection:
Remote connection
Go to remote connection option in Perfion and right click the list and a new connection, in the configuration windows right-click the connection info field and select “With OAuth authentication with client secret”
Fill out the fields with the information required as following:
Note that the URI is the web service OData URL used in BUT without the specified list therefore it must end on “ODataV4”.
Remote Query
Now that the connection has been configured, go to remote queries in Perfion and create a new one. For testing purposes these information are enough to test if a connection can be established:
In the left side “Select Statement” paste the rest of the URI used in Postman after the “ODataV4” part, to filter the OData in Perfion the following must be added to the select statement “ ?$filter=Perfion.In(ItemList:No,#@KEYFEATURE#)” .
NOTE: Perfion expects the “No” which is the item number in Business Central to be a numeric value, but Business Central delivers it as a string, therefore it must be queried with the extra parameter that is the web service name in this example it is “ItemList” .
To select a specific product a key for which item is being requested must be defined, this XML example can be used for that:
<RemoteQuerySetup name='QueryName' keyFeature='2' type='Single' localizable='false'>
<Test>
<!-- Group parameter -->
<Group>All</Group>
<!-- Key parameters -->
<Key>1896-S</Key>
</Test>
<Default>
</Default>
</RemoteQuerySetup>
To test the remote query click “Test” and result should be shown: