<p>2021-10-12更新:BC现在支持客户端凭据流</p>
<p>需要进行一些额外的设置。以下链接将引导您浏览:</p>
<p><a href="https://www.kauffmann.nl/2021/07/06/service-to-service-authentication-in-business-central-18-3-how-to-set-up/" rel="nofollow noreferrer">https://www.kauffmann.nl/2021/07/06/service-to-service-authentication-in-business-central-18-3-how-to-set-up/</a></p>
<p>归结起来是:</p>
<ol>
<li>在Azure Active Directory中注册外部应用程序
<ul>
<li>在Azure中创建应用程序(特别注意重定向URI)</li>
<li>设置所需的权限(“Dynamics 365 Business Central/API.ReadWrite.All”)</li>
<li>制造秘密</li>
</ul>
</li>
<li>在Business Central中创建外部应用程序帐户
<ul>
<li>从您注册的Azure应用程序添加客户端ID</li>
<li>添加权限(例如“<em>D365基本</em>”和“<em>D365销售单据,编辑</em>”)</li>
<li>同意</li>
</ul>
</li>
</ol>
<p>此时,您可以通过以下方式获得令牌:</p>
<pre class="lang-sh prettyprint-override"><code>curl location request GET 'https://login.microsoftonline.com/<tenant>/oauth2/v2.0/token' \
header 'Content-Type: application/x-www-form-urlencoded' \
data-urlencode 'grant_type=client_credentials' \
data-urlencode 'client_id=<client>' \
data-urlencode 'scope=https://api.businesscentral.dynamics.com/.default' \
data-urlencode 'client_secret=<secret>'
</code></pre>
<p>客户查询的作用如下:</p>
<pre class="lang-sh prettyprint-override"><code>curl location request GET 'https://api.businesscentral.dynamics.com/v2.0/<tenant>/<env>/api/v2.0/companies(<company id>)/customers' \
header 'Authorization: Bearer XYZ...'
</code></pre>
<p>顺便说一句,我得到了相同的<code>Authentication_InvalidCredentials</code>错误,结果它与BC中的外部应用程序绑定在一起,但没有激活</p>