Granting Access
In order for GlobalAutomation to access your Business Central environment, a number of admin steps are required. In some environments, in might be different IT resources managing different parts of your security setup.
App Registration
You must create an App Registration in Microsoft Entra (formerly Azure AD). This step is performed by a network / security administrator user in your Azure environment.
Secure the App in Business Central
Once an application is registered, it must be secured in Business Central. This step is performed by an administrator level user in Business Central.
Secure GlobalCapture
GlobalCapture will need the App Registration details in order to authenticate on the server as necessary. This step is performed by your GlobalCapture admin. From the App Registration step, you will need:
Client Secret
Client ID (Application ID)
Tenant ID (Directory ID)
You will also need:
Company ID (or ID’s if you are dealing with multiple databases)
Type of Database (sandbox/production)
URL’s for scope, authorization, and business central endpoints (discuss in detail below).
Scope
All requests require a scope. Unless otherwise specified, all scopes targeting business central would be:
https://api.businesscentral.dynamics.com/.default
Auth
All requests require and Auth URL. Your Azure / Entra admin can confirm, but most Auth URLs will mirror what is outlined below, replacing TENANTID with your actual Tenant ID.
https://login.microsoftonline.com/TENANTID/oauth2/v2.0/token
Endpoint
All requests will target a specific Business Central endpoint. Your Business Central admin can provide specifics, but in most cases, the base endpoint URL will mirror what is outlined below, replacing COMPANYID with the company id provided and replacing TYPE with the instance type your are targeting:
https://api.businesscentral.dynamics.com/v2.0/TYPE/api/v2.0/companies(COMPANYID)/
Setting Node Defaults
The Dynamics 365 node can be provided Config options to simplify the deployment. In GlobalCapture Admin, click the Nodes menu, then Edit the Dynamics 365 node.
On the Config tab, add the following JSON configuration, being sure to make any instance specific substitutions as outlined above.
{
"config":{
"clientSecret":"YOURSECRET",
"clientId":"YOURID",
"scope":"https://api.businesscentral.dynamics.com/.default"
},
"authUrl":"YOURAUTHURL",
"endpointUrl":"YOURENDPOINT"
}
You are not required to set node defaults, but doing so will greatly simplify your overall configuration, will make future changes less likely to cause issues, and make the environment easier to support.
If any of these default parameters are set on the node itself in any workflow, that value will override the configuration specified above. In this way, it would be possible to use a baseline configuration that could be subsequently augmented with workflow logic to automatically make decisions about a company to target, or routing to production versus sandbox instances.