Jayanth Vishwanath

Reputation: 63

Azure AD Bearer invalid_token error using Postman

I am really new to Azure AD. I have read the Azure AD documentation, which provides information on authentication and accessing web APIs.

What I want to do: I want to use the Dynamics CRM API to create a lead or contact through AWS Lambda. Meaning, whenever the Lambda function is run, it should call the CRM API. The way I need to create a lead is with username and password creds included in Lambda. I am not sure which application scenario I need to use when I am using AWS Lambda as the source to access the web API. I want to pass the user creds with the POST request.

Creating an application in Azure AD: So, I am not sure which application type I need to use (Web API or Native App?). And what should be the sign-on URL or Redirect URI?

I have tried creating an application and using Postman as a temporary way just to test whether I can get the access token and access the web API. I was able to get the access token, but when I tried to access the API it says

Bearer Error invalid_token, error validating token!

I have given enough permissions while creating the application in Azure AD to access the Dynamics CRM API. But I am still unable to access the API.

POST request to get access token through Postman:

request: POST
URL: https://login.windows.net/<tenant-id>/oauth2/token
Body:
grant_type: client_credentials
username: xxxxx
password: xxxxxxx
client_id: <app id>
resource: <resource> //I am not sure what to include here
client_secret: <secret_key>

I get the access token in the response. Sending the second POST request using the access token:

request: POST
URL: https://xxx.api.crm.dynamics.com/api/data/v8.2/accounts

Headers:
Content-type: application/json
OData-MaxVersion: 4.0
OData-Version: 4.0
Authorization: Bearer <access_token>

Body:
{
    "name": "Sample Account",
    "creditonhold": false,
    "address1_latitude": 47.639583,
    "description": "This is the description of the sample account",
    "revenue": 5000000,
    "accountcategorycode": 1
}

It would really help me if I can get a bit more information on where I am stuck. I have already used my one week of time to get this done. Any help will be appreciated.

Upvotes: 0

Views: 2086

Answers (1)

Nan Yu

Reputation: 27538

To do Server-to-Server (S2S) authentication, the application is authenticated based on a service principal identified by an Azure AD Object ID value which is stored in the Dynamics 365 application user record. Please click here and here for detailed steps and code samples.

Upvotes: 1
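An added example, not part of the original question or answer: a local diagnostic that decodes an Azure AD access token's claims (without verifying the signature) and checks the audience against the `resource` you intended, the expiry, and the presence of the `oid` claim that the answer says must match the Dynamics 365 application user record. The function names, the `contoso` organization URL and the sample token are constructed for illustration; `aud`, `exp` and `oid` are standard Azure AD access-token claims.

```python
import base64
import json
import time


def b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token):
    """Return the JWT payload WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT: expected header.payload.signature")
    return json.loads(b64url_decode(parts[1]))


def diagnose(token, expected_resource, now=None):
    """List reasons an API that expects expected_resource could reject the token."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    problems = []
    # The audience is whatever was sent as `resource` in the token request.
    aud = str(claims.get("aud", "")).rstrip("/").lower()
    want = expected_resource.rstrip("/").lower()
    if aud != want:
        problems.append(f"aud is {aud!r}, expected {want!r}")
    if float(claims.get("exp", 0)) <= now:
        problems.append("token expired")
    if "oid" not in claims:
        # Without an object ID there is nothing to map to an application user.
        problems.append("no oid claim to match against the application user record")
    return problems


def make_sample_token(claims):
    # Constructed, unsigned sample token for the demo; no real API accepts it.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    resource = "https://contoso.crm.dynamics.com"  # assumed organization URL
    bad = make_sample_token({"aud": "https://graph.windows.net", "exp": 2000000000, "oid": "placeholder-object-id"})
    print(diagnose(bad, resource, now=1700000000))
```

Treat the decoded claims as untrusted diagnostic output only; the API itself is what validates the signature and issuer.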
