Error in getting access token for azure key vault in business central?

azharsaeedkhan

Hello Everyone!
I am trying to POST an HTTP request with different parameters in the body, but i am getting the message "oauth2 error AADSTS90014: The request body must contain the following parameter: 'grant_type' ". Through Postman i am able to get the access token, with the same parameters. I don't know what i am doing wrong here. I have attached the screenshots as well.

If anyone can help me out.

lynge

Hi
I can share my code for doing the same in C/AL with DotNet (on BC13 OnPrem). This is well tested and works for sure.
Then you might compare and figure out what is wrong?

[TryFunction]
[LineStart(209)]
LOCAL PROCEDURE GetAzureVaultBearerToken@1000000003(TenantId@1000000002 : Text;ClientId@1000000003 : Text;ClientSecret@1000000004 : Text;Resource@1000000005 : Text;VAR BearerToken@1000000014 : Text);
VAR
HttpWebRequest@1000000001 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Net.HttpWebRequest";
HttpWebResponse@1000000009 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Net.HttpWebResponse";
HttpStatusCode@1000000012 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Net.HttpStatusCode";
ResponseHeaders@1000000007 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Collections.Specialized.NameValueCollection";
WebResponseTempBlob@1000000015 : TEMPORARY Record 99008535;
WebRequestHelper@1000000000 : Codeunit 1299;
@={Locked};DAN=https://login.microsoftonline.com/%1/oauth2/token;ENU=https://login.microsoftonline.com/%1/oauth2/token';
RequestBodyOutStream@1000000011 : OutStream;
WebResponseInStream@1000000013 : InStream;
WebResponse@1000000010 : Text;
@={Locked};DAN="grant_type=client_credentials&client_id=%1&client_secret=%2&resource=%3";ENU="grant_type=client_credentials&client_id=%1&client_secret=%2&resource=%3"';
BEGIN
WebResponseTempBlob.Blob.CREATEINSTREAM(WebResponseInStream);

HttpWebRequest := HttpWebRequest.Create(STRSUBSTNO(AzureUrlLbl,TenantId));
HttpWebRequest.Method := 'POST';
HttpWebRequest.ContentType := 'application/x-www-form-urlencoded';
RequestBodyOutStream := HttpWebRequest.GetRequestStream();
RequestBodyOutStream.WRITETEXT(STRSUBSTNO(AzureParmLbl,UrlEncode(ClientId),UrlEncode(ClientSecret),UrlEncode(Resource)));
WebRequestHelper.GetWebResponse(HttpWebRequest,HttpWebResponse,WebResponseInStream,HttpStatusCode,ResponseHeaders,FALSE);
WebResponseInStream.READ(WebResponse);
BearerToken := GetValueFromJSONString(WebResponse,'access_token');
END;

lynge

Hi
I can share my code for doing the same in C/AL with DotNet (on BC13 OnPrem). This is well tested and works for sure.
Then you might compare and figure out what is wrong?

[TryFunction]
[LineStart(209)]
LOCAL PROCEDURE GetAzureVaultBearerToken@1000000003(TenantId@1000000002 : Text;ClientId@1000000003 : Text;ClientSecret@1000000004 : Text;Resource@1000000005 : Text;VAR BearerToken@1000000014 : Text);
VAR
HttpWebRequest@1000000001 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Net.HttpWebRequest";
HttpWebResponse@1000000009 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Net.HttpWebResponse";
HttpStatusCode@1000000012 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Net.HttpStatusCode";
ResponseHeaders@1000000007 : DotNet "'System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.System.Collections.Specialized.NameValueCollection";
WebResponseTempBlob@1000000015 : TEMPORARY Record 99008535;
WebRequestHelper@1000000000 : Codeunit 1299;
@={Locked};DAN=https://login.microsoftonline.com/%1/oauth2/token;ENU=https://login.microsoftonline.com/%1/oauth2/token';
RequestBodyOutStream@1000000011 : OutStream;
WebResponseInStream@1000000013 : InStream;
WebResponse@1000000010 : Text;
@={Locked};DAN="grant_type=client_credentials&client_id=%1&client_secret=%2&resource=%3";ENU="grant_type=client_credentials&client_id=%1&client_secret=%2&resource=%3"';
BEGIN
WebResponseTempBlob.Blob.CREATEINSTREAM(WebResponseInStream);

HttpWebRequest := HttpWebRequest.Create(STRSUBSTNO(AzureUrlLbl,TenantId));
HttpWebRequest.Method := 'POST';
HttpWebRequest.ContentType := 'application/x-www-form-urlencoded';
RequestBodyOutStream := HttpWebRequest.GetRequestStream();
RequestBodyOutStream.WRITETEXT(STRSUBSTNO(AzureParmLbl,UrlEncode(ClientId),UrlEncode(ClientSecret),UrlEncode(Resource)));
WebRequestHelper.GetWebResponse(HttpWebRequest,HttpWebResponse,WebResponseInStream,HttpStatusCode,ResponseHeaders,FALSE);
WebResponseInStream.READ(WebResponse);
BearerToken := GetValueFromJSONString(WebResponse,'access_token');
END;

azharsaeedkhan

@lynge i have found the solution, and its exactly like the one you have posted above.
Anyways thank you