I am trying to call the Dynamics 365 API using .NET Core (C#). I am able to get it to work for one clientid (app), but when calling with a second one I get a bearer token but am not able to call any of the entities, since I get Unauthorized.
I am using Microsoft.IdentityModel.Clients.ActiveDirectory:
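```csharp
// Requires: using System.Net; using System.Net.Http; using System.Net.Http.Headers;
// Set the TLS version before the first request is sent.
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
// Await the request instead of blocking on .Result, which can deadlock.
var result = await httpClient.GetAsync("Dynamics URL with Version and Entity name goes here");
var JSON = await result.Content.ReadAsStringAsync();
```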
I think I must be missing some security settings, since with the same code and a different clientid to get the token I am able to get results, but I am not sure what the reason is.
Found a solution and the missing step.
For future reference, the missing step was creating a user on Dynamics CRM (not Azure), assigning a role (clone from Administrator), and assigning the application ID from Azure directory to that user; then the API works.
Note: Please refer to this article: http://phuocle.net/crm/dynamics-365-online-s2s-authentication-full-explain.aspx
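An added diagnostic example, not part of the original post: when a token is issued but the Web API still answers Unauthorized, decoding the token's payload shows which `appid` it carries (the application ID that has to be assigned to the Dynamics user described above) and whether `aud` matches the organization URL. The class and method names are hypothetical, and the token, GUIDs and contoso URL are constructed sample values.

```csharp
using System;
using System.Text;
using System.Text.Json;

static class TokenInspector
{
    // Decode the payload (second segment) of a compact JWT WITHOUT validating
    // the signature. Diagnostics only; never base an access decision on this.
    static JsonElement DecodePayload(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3)
            throw new FormatException("Not a compact JWT (expected 3 segments).");
        // base64url -> base64, then restore the stripped padding.
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        using var doc = JsonDocument.Parse(Convert.FromBase64String(b64));
        return doc.RootElement.Clone(); // Clone so the element outlives the document
    }

    static string Claim(JsonElement payload, string name) =>
        payload.TryGetProperty(name, out var v) && v.ValueKind == JsonValueKind.String
            ? v.GetString() : "(missing)";

    // Summarise the claims that matter for the 401 described in the post.
    public static string Describe(string jwt, string orgUrl)
    {
        var p = DecodePayload(jwt);
        var aud = Claim(p, "aud");
        var audOk = string.Equals(aud.TrimEnd('/'), orgUrl.TrimEnd('/'),
                                  StringComparison.OrdinalIgnoreCase);
        return $"appid={Claim(p, "appid")} tid={Claim(p, "tid")} aud={aud} audMatchesOrg={audOk}";
    }

    static string B64Url(string json) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(json))
               .TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static void Main()
    {
        // Constructed sample token: fake GUIDs and a fake signature, not a real credential.
        var payload = "{\"aud\":\"https://contoso.crm.dynamics.com\"," +
                      "\"appid\":\"00000000-0000-0000-0000-000000000002\"," +
                      "\"tid\":\"00000000-0000-0000-0000-000000000001\"}";
        var token = B64Url("{\"alg\":\"none\"}") + "." + B64Url(payload) + ".sig";
        Console.WriteLine(Describe(token, "https://contoso.crm.dynamics.com/"));
    }
}
```

If `audMatchesOrg` is true and the request is still rejected, compare the printed `appid` with the application ID set on the Dynamics user from the answer above.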