Search code examples
c#oauth-2.0azure-active-directorybearer-tokendynamics-365

Access to Dynamics Business Central with Client Secret

I am trying to make a connection to the Business Central service with the authentication details and it gives me an error. Whereas when I test it on Postman, it works perfectly.

I must be missing something that I am not seeing and I hope you can help me. The code I have so far is the following:

using System.Net.Http;
using System.Net.Http.Headers;
using Microsoft.Identity.Client;

private void BusinessCentral()
{
    string TenantId = "...";
    string ClientId = "...";
    string ClientSecret = "...";

    string CallbackUrl = @"https://businesscentral.dynamics.com/";
    string GetUrl = string.Format(@"https://api.businesscentral.dynamics.com/v2.0/{0}/Production/api/v2.0/companies", TenantId);

    try
    {
        string[] Scopes = new[] { "https://api.businesscentral.dynamics.com/.default" };
        var App = ConfidentialClientApplicationBuilder
            .Create(ClientId)
            .WithClientSecret(ClientSecret)
            .WithRedirectUri(CallbackUrl)
            .WithTenantId(TenantId)
            .Build();

        var result = App.AcquireTokenForClient(Scopes).ExecuteAsync().Result;

        if (result != null)
        {

            HttpClient HttpCli = new HttpClient();
            var defaultRequestHeaders = HttpCli.DefaultRequestHeaders;
            if (defaultRequestHeaders.Accept == null || !defaultRequestHeaders.Accept.Any(m => m.MediaType == "application/json"))
            {
                HttpCli.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            }
            defaultRequestHeaders.Add("Authorization", result.CreateAuthorizationHeader());

            HttpResponseMessage response = HttpCli.GetAsync(GetUrl).Result;
            if (response.IsSuccessStatusCode)
            {
                string json = response.Content.ReadAsStringAsync().Result;
                var apiResult = JsonConvert.DeserializeObject<List<JObject>>(json);

            }
            else
            {
                string content = response.Content.ReadAsStringAsync().Result;
                // ERROR: "code": "Authentication_InvalidCredentials", "message":"The server has rejected the client credentials.

            }
        }
    }

    catch (Exception ex)
    {
        
    }
}

The error it returns is the following:

{"error":{"code":"Authentication_InvalidCredentials","message":"The server has rejected the client credentials. CorrelationId: 161ce9f5-f2f7-4f56-ad1e-b5a7a159292e."}}

Referral link: Github: active-directory-dotnetcore-daemon-v2

Thanks for your support.

Solution

  • The code is correct, the problem was with the Business Central configuration regarding permissions.

    I don't have access to that configuration, therefore I cannot give details.