top of page

Testing Business Central Online APIs using Postman

This post explains how to test Microsoft Dynamics Business Central Online APIs using Postman with complete details.

Postman is a very useful tool for developers to test various types of HTTP requests, including REST APIs. Business Central supports REST APIs in both On-Premises and Online environments. To test Business Central Online APIs, client application must pass through OAuth2 authentication. An advantage with Postman is that it supports OAuth2 authentication, therefore testing Business Central APIs becomes easy.

App registration

Business Central uses Azure Active Directory for authentication. To call Business Central APIs in Postman, an access token should be passed in the HTTP request headers. To get access token, firstly, it is required to register an App in Azure Portal.

The following sections explains how to register an Application in Azure Portal.

Register a new Application

1. Login to Azure Portal with an Azure AD account.

2. Search for App registrations in the search box and select App registrations > New registration.

3. Enter the application name, select the selected supported account type, and click the Register button.


1. Select Authentication and click the Add a platform button.

2. Select Web in the Configure platforms panel.

3. Enter in Redirect URLs and click the Configure button.

API permissions

1. Select API permissions and click the Add a permission button.

2. Select Dynamics 365 Business Central in Request API permissions panel.

3. Select Delegated permissions, select permissions and click the Add permissions button.

Certificates & secrets

1. Select Certificates & secrets and click the New client secret button.

2. Enter Description and click the Add button.

3. Note the client secret Value and secure it. Once the application page is closed, client secret cannot be retrieved.

Inputs required for Postman

The following inputs are required in Postman to configure OAuth Authentication details:

1. Select Overview and note the Application (client) ID and the Directory (tenant) ID.

2) Click the Endpoints button in the Overview page and note the OAuth 2.0 authorization endpoint (v1) and the OAuth 2.0 token endpoint (v1) URLs.


The following sections explains how to update authentication details in Postman.

1. Open Postman, click the Authorization tab, and select OAuth 2.0 in the Type dropdown.

2. Enter a meaningful name in the Token Name field.

3. Enter in Callback URL field.

4. Enter the OAuth 2.0 authorization endpoint (v1) and the OAuth 2.0 token endpoint (v1) URLs noted in Auth URL and Access Token URL fields.

5. Enter the noted Application (client) ID in Client ID field.

6. Paste the Value copied in Certificates & secrets in the Client Secret field.

7. Select Advanced Options tab and enter in the Resource field, and click the Get New Access Token button.

8. Sign in with the AD account in the Sign in to your account window and Consent on behalf of your organization and click the Accept button.

9. Click the Proceed button.

10. Click the Use Token button.

11. Enter in the URL and click the Send button.

The following is the response from the companies API.

The following is the response from the customers API.


Postman supports POST, GET, PATCH, DELETE and many more HTTP methods, so it is possible to test all CRUD (CREATE, READ, UPDATE, and DELETE) operations with Postman. Please refer to for standard APIs available in Business Central .

Postman collection for the above examples is available at GitHub.

#MSDyn365 #MSDyn365BC #BusinessCentral #DynamicsNAV #Postman #WebAPIs

5,557 views1 comment
bottom of page