Switch to OAuth
A quick guide on how to switch from Basic Authentication to OAuth
Last updated
Business Central
A quick guide on how to switch from Basic Authentication to OAuth
Last updated
This switch from Basic Authentication and OAuth only needs to be done for environments that has a connection to the Golden EDI Cloud Integration Platform. This means that Basic Invoice and Freemium is not affected by this change.
With the removal of Basic Authentication (also known as Web Service Access Key) in the upcoming release "Business Central 2022 Release Wave 1" all connections between the Golden EDI Cloud Integration Platform and your Business Central environment needs to switch over to OAuth in order to not be interrupted.
In order to do this you need to grant our Azure Active Directory Application access to your Business Central environment. The step to grant this access is a manually step that needs to be done in your system by you or your partner with a user has SUPER or SECURITY permissions in Business Central and is an Active Directory administrator for the current tenant.
When the above prerequisites has been met you can continue with the steps below to grant permission for our application to talk to your environment.
The Cloud Integration Platform will only have access to a limited set of pages and tables to read and write messages in our app as controlled by the "GEDI Cloud Platform" permission set.
The first step in getting this configured in your environment is to go to the "GEDI Profiles" page.
Then you open the "AAD" menu and click on the "Register Application" action.
This will register the necessary details in "Azure AD Applications" and set the permissions for the application to the limited "GEDI Cloud Platform" permission set.
After this has been completed (currently no dialog is shown so it's completed when you can click on anything else) you can click on the "View Application" option to open the card directly or you can go to the search menu and search for "Azure Active Directory Applications" to find the list of all applications registered in your system.
The registration itself will add limited permissions for the current company you are in but you might need to either extend this to all other companies in the environment or add specific companies to this list. Which companies it needs to reach depends on which companies you one or more active connections to the Golden EDI Cloud Integration Platform.
Which companies the application can reach is controlled at the end of the card under the part called "User Permission Sets". Here you can either add new lines for each company you want to grant access to or remove the company name from the line that already exists to allow access to all companies in the current environment.
To remove the limitation modify the existing line by removing the company name.
Or if you want to grant access only to a limited set of companies you can add new lines as necessary by selecting the permission set called "GEDI CLOUD PLATFORM" and then the company you want to grant access to.
When this is done everything is now ready to request administrator permissions to allow Golden EDI to connect to the environment using the configured permissions.
The last step inside Business Central that needs to be done is to grant consent to the application and this is done by clicking one the "Grant Consent" button up in the top left corner of the Azure Active Directory Application Card for the Golden EDI application.
This needs to be done with an Active Directory administrator account, otherwise it will fail.
Clicking on this button will start the process and open up a new window where you can select a different account or the currently logged in account. To continue select or login with the Active Directory administrator account.
Then you will be requested to review the application and either accept or reject the application. To continue and accept that the Golden EDI Cloud Integration Platform will be able to talk to your system click on the blue "Accept" button down the right corner.
If everything works as it should then the extra window should close and you should be sent back to Business Central with a dialog window that says that the process succeeded and that consent has been given.
Now you have prepared the system to accept authentication from the Golden EDI Cloud Integration Platform using OAuth instead of Basic Authentication. In order to move over to this the last thing that needs to be done is to notify us Golden EDI that you want to switch over and that your environment has been prepared according to this guide.
You need to send the following details for each company in the current environment that has active connections to us at support@goldenedi.com and we will take care of the rest.
Your organization name.
The list of companies in Business Central.
The list of all connections in all companies that needs to be switched over.
The details over which connections are enabled and configured in the current company can be found by going to the "GEDI Profiles" page and checking the column "GEDI Connection ID".
When we have received the information we will make the necessary adjustments in the Golden EDI Cloud Integration Platform and notify you when the switch has been made. If we run into any permissions issues or notice any other problems we will get in touch with you and/or your partner.
This entire process needs to be repeated for any unique production and/or sandbox environment you have that needs to have working connections to the Golden EDI Cloud Integration Platform.
