Developer forum

Forum » Integration » OAuth2.0 with BC Plug-In Unit

OAuth2.0 with BC Plug-In Unit

Chris Søgaard
Chris Søgaard
Reply

Hi DW

We have a client running the BC Plug-In unit version 1.2.0.26 with BC20 in cloud.

We have tried to switch the authentication from basic to OAuth2.0 and have succesfully gained an access token. But when trying to test the endpoints that works with basic auth with OAuth2.0 auth, we're getting this error:

The remote server returned an error: (500) Internal Server Error. Response: Service "{CompanyName}/Codeunit/DWWebService" was not found!

Request:

  • URL: https://api.businesscentral.dynamics.com/v2.0/{TenantId}/{SandboxName}/WS/{CompanyName}/Codeunit/DWWebService
  • Ecom data: <GetEcomData><tables><Units type="all" setLanguage="ENU" languages="DAN, DEU, FRA" /></tables></GetEcomData>

Any idea what could be the issue here?

BR Chris Søgaard

 


Replies

 
Dmitriy Benyuk Dynamicweb Employee
Dmitriy Benyuk
Reply

Hi Chris,
how are you connecting to the endpoint? Is it Dynamicweb TestEndpoint page or some add-in or connector service?
Have you configured the endpoint and OAuth2 endpoint authentication in the Dynamicweb Admin Endpoint management section and got the
OAuth2 access token there? What Dynamicweb version is used?
BR, Dmitrij

 
Chris Søgaard
Chris Søgaard
Reply

Hi Dmitrij

We're using Endpoint Management from DW Admin and testing the connection from there, and yes we have configured the admin through Endpoint mManagement to have both OAuth2.0 authentication and actual endpoints, please see screenshots below.

We're using DW 9.13.5

 

 
Dmitriy Benyuk Dynamicweb Employee
Dmitriy Benyuk
Reply

Hi Chris,
What Dynamicweb version do you use? Can you try to run the endpoint in the Live integration or in any of the Batch tasks,
does it return the same connection error? Maybe it can be just a problem in the TestEndpoint page.
BR, Dmitrij

 
Chris Søgaard
Chris Søgaard
Reply

Hi Dmitrij

DW Version is 9.13.5.

It does not work when using it in Batch Integration either.

We have followed this guide for setting it up: https://doc.dynamicweb.com/documentation-9/integration/integration-framework/connector-service-and-authentication/authentication/oauth-2-0-for-business-central

BR Chris

 
Dmitriy Benyuk Dynamicweb Employee
Dmitriy Benyuk
Reply

Hi Chris,
The error indicates that it can not find the DWWebService webservice so can you check the web service is available on the services list
and click on the SOAP url from this list and check its url is identical to the one you have in the Endpoint Url?


BR, Dmitrij

 
Chris Søgaard
Chris Søgaard
Reply

Hi Dmitrij

Yeah, that's the funny thing because the URL works when using basic authentication (Webservice Access Key). I only get this error when trying with OAuth.

Is there anything specific that needs to be done to enable the SOAP webservice for OAuth or anything we can check to see why this does not work with the specific authentication.

Does the Azure AD App Registration have to be registered directly in BC as well? I don't have directly access to the client's BC and Azure, so I'm just trying to get some information to take back to the ERP partner.

BR Chris

 

 
Dmitriy Benyuk Dynamicweb Employee
Dmitriy Benyuk
Reply

Hi Chris,
I was not able to reproduce this error, tried the same request and 9.13.12.
The error is not connected to the authentication problem, usually when the problem is with authenticaion the error code is 401 Unauthorized
and the 500 internal server error means that the authentication was passed and then processing has failed, so that is why mine assumption is that smth is not
right with the web service Url or webservice in BC
BR, Dmitrij

 
Chris Søgaard
Chris Søgaard
Reply

Hi Dmitrij

We figured this out. It seems like the user used to gain the access token (user impersonated) didn't have an active BC license. This is stated in the guide from Microsoft here, that a license is needed: https://learn.microsoft.com/da-dk/dynamics365/business-central/dev-itpro/webservices/authenticate-web-services-using-oauth

Although it might seem obvious this differs from the S2S Auth setup that does not require an active BC license but only an unlicensed application account in BC. I will let this be up to you whether or not this should be stated in the guide for setting up OAuth in Endpoint, but for now this is for others that would stumble upon the same issue in the future.

BR Chris

  

 

You must be logged in to post in the forum