Hi,

As many probably already know, basic auth will be removed from BC SaaS next year (https://docs.microsoft.com/en-us/dynamics365/business-central/dev-itpro/upgrade/deprecated-features-w1#accesskeys) so it seems all integration platforms that want to support it must implement OAuth2.

I have an integration that (mostly) accesses only Item (Object ID 30, Item Card) and Production BOM (Object ID 99000786) tables for record read/write/update. I managed to refactor my integration to use OAuth2 with application flow (which suits the best for the nature of my integration), and my AAD Application has been granted consent as well as SUPER permission set.

Everything works with Items. However, accessing Production BOM even for reading gives response 400: You do not have access to this object using an application as authentication.

Why?

My current dev environment has on-premise installation of Business Central 17.0.

If I’m forced to use yet another week or so to implement another type of authentication flow (https://github.com/microsoft/BCTech/tree/master/samples/PSOAuthBCAccess), how can I be sure what is supported with that flow and what is not?

Hi Simo,

Welcome to DUG.

Not quite sure about this, but we are using the AAD Application ID authentication, so I’m quite interested in the answer too. Even if we are on-premise.

The most obvious answer would if you did not have access to the Production BOM from the web client either?

And isn’t it a premium functionality, so AAD user must also be setup for this?