Hi all,
I'm working on a flow that will trigger a post request toward a custom Business central OData API.
I'm having issue configuring the Oauth in power automate, i tried with two different methods but all I get is a 401 unauthorized ("The credentials provided are incorrect") error.
This first method I tried was by using a Send http request block with OAuth Active Directory authentification :
The second method i tried was by retrieving the token myself with a post method toward my /token url and then using this token in an Authorization header
The post method to obtain the token works fine but i get the same error when posting :
<error xmlns="http://docs.oasis-open.org/odata/ns/metadata"><code>Unauthorized</code><message>The credentials provided are incorrect</message></error>
The request works fine in postman with an oauth 2.0 authentification method.
Any idea of what could be the issue ?
Thanks
Ah so in fact it was the user that the app was running as (in your case its an onbehalf situation with the app being promoted to do the work, once you added it).
Glad you got it working. Pretty much any time you get that error, as mentioned, it means the user submitting the request doesn't have privileges. Then its just a matter of if its an on behalf of flow or a as user flow.
Cheers
If you like my answer, please Mark it as Resolved, and give it a thumbs up, so it can help others
Thank You
Michael Gernaey MCT | MCSE | Ex-Microsoft
https://gernaeysoftware.com
LinkedIn: https://www.linkedin.com/in/michaelgernaey
Hi @FLMike , thanks for your answer,
I was able to solve my issue,
I didn't register my API in Business central in the Application Azure AD which is why it was unauthorized.
After I did that, I just needed to add the proper authorizations to my user and it was good to go !
Hello,
Can you do a little test. Can you create a flow that takes in an Access Token and then calls the Business Central endpoint?
Make that, then use Postman to create the bearer token and then paste it in and see if it works. If so, then it means the token being created is not being formatted properly OR, that bearer token is valid BUT it doesn't have the correct permissions associated to it.
I see that you are getting a 401 unauthorized, which is different than a 400 bad token, so i wonder if the issue is simply who the flow is running as so when the token gets created its just not valid for that call.
Does the flow run as you (since post man does)? If not, can you make it do that, do the test with the postman token, then do the test as normal and see what works and doesn't and come back.
Cheers
If you like my answer, please Mark it as Resolved
and give it a thumbs up, so it can help others
Thank You
Michael Gernaey MCT | MCSE | Ex-Microsoft
Site: https://gernaeysoftware.com
LinkedIn: https://www.linkedin.com/in/michaelgernaey