If I examine the token with jwt.io, I can't seem to find the part that describes which API the token gives access to, which could be the or part of the problem?
I don't get it, regardless of what I try, the access_token I get, doesn't include any info about what it grants access to.
I register an app and create delegated API permission for Business Central (user_impersonation and Financials.ReadWrite.All). Then I create a secret.
I use the following C# code to get a token:
var client_id = "<client_guid>"; var client_secret = "<client_secret>"; var tenant_id = "<tenant_guid>"; var token_url = "https://login.microsoftonline.com/" + tenant_id + "/oauth2/v2.0/token"; var client = new HttpClient(); var content = new StringContent( "grant_type=client_credentials"+ "&scope=https://api.businesscentral.dynamics.com/.default"+ "&client_id="+ HttpUtility.UrlEncode(client_id) + "&client_secret="+ HttpUtility.UrlEncode(client_secret)); content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded"); var response = await client.PostAsync(token_url, content);
The value in the "access_token" attribute i get from the response, doesn't describe any of the permissions I created when explored with jwt.io. What am I doing wrong here?