Using OAuth 2.0 to connect Business Central APIs and Web Services in Power Automate – OAuth in HTTP action

Dynamics 365 Business Central

Hi, Readers.
As you might know, Web Service Access Keys (Basic Auth) for Business Central Online has been removed with Business Central 2022 release wave 1. We are gradually transitioning from Basic Auth to OAuth over the year.
And last year we discussed how to use OAuth 2.0 to connect Business Central APIs and Web Service in Postman.

Another question I am often asked afterwards is whether it is possible to use OAuth 2.0 authentication in Power Automate to access the Business Central APIs and Web services.

Yes, of course. So I’d like to talk briefly about it today.

First of all, Microsoft has prepared a number of standard connectors for Business Central, which can be used directly without special setting of OAuth authentication. For example,



More details: Power Platform and Azure Logic Apps connector for Business Central online has moved out of preview and is now general availability

In this post we will focus on how to make an HTTP Request in Power Automate using OAuth authentication.

Setting up OAuth 2.0

This part of the setup is the same as in Using OAuth to connect Business Central APIs and Web Service in Postman. If you have already completed these settings, you can skip this chapter.

1. Access to Azure Portal.

2. Search for App registrations and then choose the related link.

3. Choose New registration to create a new app registration.

Enter the Name, select account type, then choose Register.

Created successfully.

4. Choose Authentication.

Choose Add a platform.

Choose Web.

Enter the redirect URl of the application, and then choose Configure.
For example: https://localhost:8080/login

5. Choose API permissions.

Choose Add a permission.

Find Dynamics 365 Business Central and click it.

You can choose the required permissions according to your situation.
For example:
Choose Delegated permissions.

Select the permissions, and then choose Add permissions.

Choose Add a permission again.

Click Dynamics 365 Business Central Central.

Choose Application permissions this time.

Select the permissions you need, then choose Add permissions.

Choose Grant admin consent for Contoso.

Choose Yes.

More details:

6. Choose Certificates & secrets.

Choose New Client secret.

Enter Description and select Expires, then choose Add.

The settings in Azure Portal is over.

The following is the information you can get.

Application (client) ID: a80c03cf-6ffa-4b6e-b2c8-6005310d3d87
Certificates & secrets value: fME7Q~cAaSBhXMGZoHY3ei64nn1fxGpqF42mh
Directory (tenant) ID: d8f36038-1f93-4543-affc-5dc92b6ee871

7. Log in to the BC environment you need to connect, and enter aad in tell me, then choose the related link.

Choose New.

Enter Client ID and Description first.
For example:
Client ID: {a80c03cf-6ffa-4b6e-b2c8-6005310d3d87}
Description: ZYDemo

Then assign permissions to the AAD application. This is the same as the operation on the user card.

Note: Super is not allowed.

You cannot assign ‘SUPER’ permission set to an application. Consider assigning less encompassing permission sets that are specifically designed for the intended purpose.

More info:

Go back to Azure Active Directory Applications page, and confirm that the State is Enabled.

HTTP request in Power Automate

In Postman, we need to enter the following information to get new access token and then we can access the BC data by APIs or Web Service. (You can use variables instead to keep sensitive data secure)

Access Token URL: (Change it to your tenant ID)

Client ID: a80c03cf-6ffa-4b6e-b2c8-6005310d3d87

Client Secret: fME7Q~cAaSBhXMGZoHY3ei64nn1fxGpqF42mh


Cilent Authentication: Send client credentials in body

In fact, it is the same in Power Automate, what we have to do is also two steps, the first step is to get the Access Token and the second step is to use this Access Token to run HTTP methods.

Let’s get started right away.

1. Choose + Create to create a new flow.

Choose Skip.

Then an empty flow is created.

2. Select Manually trigger a flow as the trigger for this test.

3. Choose + New step, then search for HTTP to add it.

4. Add the following settings.

Method: POST

URl: (Access Token URL in Postman)

Headers: Content-Type : application/x-www-form-urlencoded

Body: grant_type=client_credentials&client_id=a80c03cf-6ffa-4b6e-b2c8-6005310d3d87&client_secret=9Na8Q~ZR50fws6VbEv_kpQb2_F.fTI2KVdHAma~1&scope= (Note it’s just one string, not JSON format, and the contents are the same as the set in Postman, Grant Type, Client ID, Client Secretand Scope)

To make it easier to understand, let’s rename this step, for example, Get New Access Token

PS: At this step, we have been able to test whether the Token can be obtained properly.

Save -> Test

Manually -> Test

Run flow

Your flow run successfully.

You can find access token in Body.😁

Let’s continue. For ease of use, in the next step we will get the access token from the the body of the previous HTTP action.

5. Choose + New step, then search for Compose to add it.

Enter “@outputs(‘Get_New_Access_Token’).body.access_token“. ‘Get_New_Access_Token’ is the name of the previous HTTP action with the space replaced by the underscore.

We can test it again. And it looks good.

6. Use this Access Token to access BC’s API.

Choose + New step, then search for HTTP to add it.

As run in Postman below, we use Get Method to get the information of employees in BC.
Test Endpoint:$select=id,number

Add the following settings.

Method: Get


Headers: Bearer Outputs (Please note that there is a space in the middle.)

Outputs need to be selected from Dynamic Content.

PS: This information can also be found in Postman.

Okay, the setup is completely finished. Let’s test it together.

Your flow run successfully.

You can choose Show raw outputs to see more info.

Test Video:

Pretty simple, isn’t it? Give it a try!!!😁


Hope this will help.

Thanks for reading.



Copied title and URL