4

I'm fairly new to D365 Finance & Operations and came across Microsoft's Service Samples on GitHub. Thought it was a good start to try and connect a simple .NET C# console application to D365. I know that this is a Dynamics AX Integration so if there's anything specific to D365 Finance & Operation, then please guide me to it.

I registered my D365 instance (not trial version) on Azure AD, created a secret key and also gave it permissions for Microsoft Dynamics ERP. I also registered Azure AD application on the D365 (System administration > Setup).

On my .NET solution I updated the configurations to match my configurations on Azure AD Tenant, Client/App ID and D365 URI.

When I run the console application I am successfully creating an authentication token of type bearer. The second I try to access data I am getting a 401 error. Here's a sample of request and response that I recorded using Fiddler.

GET https://xxxxx.sandbox.ax.dynamics.com/data/LegalEntities 
HTTP/1.1
OData-Version: 4.0
OData-MaxVersion: 4.0
Accept: application/json;odata.metadata=minimal
Accept-Charset: UTF-8
User-Agent: Microsoft ADO.NET Data Services
Authorization: Bearer xxxxxxxxxx
Host: xxxxx.sandbox.ax.dynamics.com

HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/10.0
WWW-Authenticate: authorization_uri="https://login.windows.net/xxxxx/oauth2/authorize"
ms-dyn-fqhn: sms-dev-1-99efa75e-d745-4a64-9d27-a06f7b230253
ms-dyn-namespace: AxProdDevTest
ms-dyn-tenant: devtest-lcs-99efa75e-d745-4a64-9d27-a06f7b230253
ms-dyn-role: dev
ms-dyn-aid: 371cd53f-ee91-0004-d4f8-1e3791eed301
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
p3p: CP="No P3P policy defined.  Read the Microsoft privacy statement at     https://go.microsoft.com/fwlink/?LinkId=271135"
Date: Mon, 11 Jun 2018 13:59:06 GMT
Content-Length: 0

I noticed that in the response it specifically says that P3P policy is not defined. Can someone shed some light on that please?

Moreover, is there some configurations that I'm missing? I am managing to get the token so the connection is there. It appears that I just don't have access to the data.

Thanks

UPDATE - Added source code I'm currently executing

string authHeader = string.Empty;
UriBuilder uri = new UriBuilder(ConfigurationManager.AppSettings["AzureUri"]);
AuthenticationContext authenticationContext = new AuthenticationContext(uri.ToString(), false);

string clientId = ConfigurationManager.AppSettings["ClientId"];
string clientSecret = ConfigurationManager.AppSettings["ClientSecret"];
ClientCredential clientCred = new ClientCredential(clientId, clientSecret);

Task <AuthenticationResult> authenticationResult = authenticationContext.AcquireTokenAsync(ConfigurationManager.AppSettings["DynamicsUri"], clientCred);
authHeader = authenticationResult.Result.CreateAuthorizationHeader();

Uri dataUri = new Uri(ConfigurationManager.AppSettings["DynamicsUri"] + "/data", UriKind.Absolute);
var context = new Resources(dataUri);

context.SendingRequest2 += new EventHandler<SendingRequest2EventArgs>(delegate (object sender, SendingRequest2EventArgs e) {
    e.RequestMessage.SetHeader("Accept", "application/json");
    e.RequestMessage.SetHeader("Authorization", authHeader);
});

foreach (var empEntity in context.Employees.Execute()){
    Console.WriteLine("Name: {0}", empEntity.Name);
}
Jan B. Kjeldsen
  • 17,817
  • 5
  • 32
  • 50
bonnu18
  • 75
  • 1
  • 11
  • Please go through this and see if if it helps. https://github.com/Microsoft/Dynamics-AX-Integration/issues/41 – Pradeep Muttikulangara Vasu Jun 11 '18 at 19:20
  • Thanks for the link. That link redirected me to a tutorial of the Recurring Integrations Scheduler. From that tutorial I had a look at the Installation section and the following sub sections - Registering an application in Azure Active Directory and Granting access for AAD application in D365FO. I had done these steps already and yet still getting a 401 Unauthorised error. Hours of research online and looks like many have faced this but still no solution can be found anywhere – bonnu18 Jun 12 '18 at 09:59
  • Can you please try adding in program.cs which you are executing? We used to get Error : "The underlying connection was closed: An unexpected error occurred on a send" and fix was adding below code. using System.Net; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12; – Pradeep Muttikulangara Vasu Jun 13 '18 at 02:40
  • Tried to add the SecurityProtocol but still getting a 401 Unauthorized error. Updated my post to include the code I'm using in Program.cs. Very straight forward - Get the token, append it to the request header and try to get some data. – bonnu18 Jun 13 '18 at 12:58
  • Are you able to execute MS samples from your side? Basically opening ServiceSamples.sln from https://github.com/Microsoft/Dynamics-AX-Integration/tree/master/ServiceSamples and executing ODataConsoleApplication? – Pradeep Muttikulangara Vasu Jun 14 '18 at 20:42
  • Out of curiousity, have you tried using a username/password authentication instead of client token auth? I have got these examples working a while back (over a year ago, on AX 7.0 Platform Update 2) but I was using username/password and not client token auth method. I see the code has changed a bit since I last was there... but I remember I just couldn't get client token authentication working for the life of me... – rjv Jun 14 '18 at 21:52
  • rjv - Yes I tried using the username/password authentication. Still the same 401 error. It creates the token but the moment I connected to a data entity I get the error. Pradeep - I am trying to execute the MS samples, specifically the ODataConsoleApplication. I manage to get the auth token but not the data. – bonnu18 Jun 19 '18 at 09:12
  • Have you given any "Reply URLs" for your azure web app? In our case we have give Ax URL. – Pradeep Muttikulangara Vasu Jun 19 '18 at 19:25
  • Yes, the same value as the Home Page URL, which is also the D365 URL (xxxxx.sandbox.ax.dynamics.com). In your case did you use of the App ID URI (found in App > Settings > Properties section) anywhere in the .NET solution? – bonnu18 Jun 20 '18 at 09:01
  • Nope. I have not used that anywhere. In recurring job example also the code looks similar https://blogs.msdn.microsoft.com/axsupport/2017/07/13/recurring-integrations-in-dynamics-365-for-operations/ – Pradeep Muttikulangara Vasu Jul 13 '18 at 06:16
  • 1
    Did you ever get an answer to this? I am wrestling with the same issue right now. – Chad Braun-Duin Oct 30 '18 at 20:30
  • I did find a solution to it. Turns out that cross-domain was the issue. I was trying to access the application using my work email xxx@something.com. The azure tenant had a different domain, xxx@different.com. This was the issue in my case. So then from within Visual Studio I added another account, which essentially is the email address used to log in on Azure. – bonnu18 Oct 31 '18 at 10:37

0 Answers0