HttpClient Data Type
Version: Available or changed with runtime version 1.0.
Provides a data type for sending HTTP requests and receiving HTTP responses from a resource identified by a URI.
Instance methods
The following methods are available on instances of the HttpClient data type.
| Method name | Description |
|---|---|
| AddCertificate(Text [, Text]) | Adds a certificate to the HttpClient class. |
| AddCertificate(SecretText [, SecretText]) | Adds a certificate as a SecretText to the HttpClient class. |
| Clear() | Sets the HttpClient variable to the default value. |
| DefaultRequestHeaders() | Gets the default request headers which should be sent with each request. |
| Delete(Text, var HttpResponseMessage) | Sends a DELETE request to delete the resource identified by the request URL. |
| Get(Text, var HttpResponseMessage) | Sends a GET request to get the resource identified by the request URL. |
| GetBaseAddress() | Gets the base address of Uniform Resource Identifier (URI) of the Internet resource used when sending requests. |
| Post(Text, HttpContent, var HttpResponseMessage) | Sends a POST request to the specified URI as an asynchronous operation. |
| Put(Text, HttpContent, var HttpResponseMessage) | Sends a PUT request to the specified URI as an asynchronous operation. |
| Send(HttpRequestMessage, var HttpResponseMessage) | Sends an HTTP request as an asynchronous operation. |
| SetBaseAddress(Text) | Sets the base address of Uniform Resource Identifier (URI) of the Internet resource used when sending requests. |
| Timeout([Duration]) | Gets or sets the duration in milliseconds to wait before the request times out. |
| UseDefaultNetworkWindowsAuthentication() | Sets the HttpClient credentials to use the default network credentials for Windows authentication. If this method is invoked after any HTTP request has started; a runtime error occurs. |
| UseResponseCookies(Boolean) | If true, the client automatically attaches cookies received in the response to all subsequent requests. |
| UseWindowsAuthentication(Text, Text [, Text]) | Sets the HttpClient credentials to use the specified network credentials for Windows authentication. If this method is invoked after any HTTP request has started; a runtime error occurs. |
| UseWindowsAuthentication(SecretText, SecretText [, SecretText]) | Sets the HttpClient credentials to use the specified network credentials for Windows authentication. If this method is invoked after any HTTP request has started; a runtime error occurs. |
Remarks
The supported security protocols are controlled by the SecurityProtocol configuration setting. For more information, see Microsoft Dynamics 365 Business Central Server Configuration.
Ways that HttpClient calls can fail
All of the methods HttpClient.Delete, HttpClient.Get, HttpClient.Post, HttpClient.Put, or HttpClient.Send in the HttpClient data type can fail and return false.
Important
The call might fail in the Business Central platform before actually reaching the external web service. It's therefore important that you check for this in your AL code. Common error examples are if you have added duplicate request or content HTTP headers, if there are networking/firewall issues, if the URI cannot be resolved with DNS, or if the app/extension has not been configured to allow HttpClient requests in the Extension Settings.
Important
Outbound HTTP calls from apps/extensions are blocked by default and must be approved for each extension, otherwise instead of an external call, the system will display the following error message: The request was blocked by the runtime to prevent accidental use of production services.
To enable outbound HTTP calls, go to the Extension Management page in Business Central, and choose Configure. Then, on the Extension Settings page, make sure that Allow HttpClient Requests is selected. This setting must be enabled for each app/extension, including library apps.
Telemetry
Outgoing web service request telemetry gathers data about outgoing web service requests sent using the AL HTTPClient data type. This data gives you insight into the execution time and failures that happen in external services that your environment and extensions depend on. You can also use the data to alert on environments or apps for performance issues caused by external services, and be more proactive in preventing issues from occurring.
For more information, see Outgoing Web Service Request Telemetry.
Troubleshoot errors
When calling external web services using the HttpClient module in AL, make sure that you handle the HTTP status code returned by the service in case of errors. For more information, see HttpHttpResponseMessage.HttpStatusCode() Method.
If you've enabled telemetry for your environment or app, you can use this KQL query to analyze errors in calls to external services.
traces
| where customDimensions has 'RT0019'
| extend httpStatusCode = toint( case( isnotempty(customDimensions.httpStatusCode), customDimensions.httpStatusCode, customDimensions.httpReturnCode ) )
| where httpStatusCode > 299
| summarize count() // how many calls fail
by httpStatusCode
, endpoint = tostring( customDimensions.endpoint ) // which endpoint
HTTP status codes
When you try to access content on a server by using the HTTP protocol, it returns a numeric code that indicates the result of the request and semantics of the response, including whether the request was successful.
The first digit of the status code defines the class of response. The last two digits don't have any categorization role. There are five values for the first digit:
1xx (Informational): Provisional response - the request was received, continuing process.
2xx (Successful): The server successfully received and accepted the request.
3xx (Redirection): Further action needs to be taken in order to complete the request.
4xx (Client Error): The request contains an error and can't be fulfilled.
5xx (Server Error): The server failed to fulfill the request.
For more information, see HTTP Semantics
Common HTTP status error codes
When you call a web service endpoint, either a Business Central API or from AL using Httpclient datatype, you get an HTTP status code as part of the response. All HTTP status codes that start with 4 (sometimes also written 4xx) are classified as client errors and it is your responsibility to react on these errors and fix them in your code.
In the following table, we list some common 4xx HTTP status codes and suggestions to how to fix them:
| HTTP status code | Short name | Description | Suggested solution(s) |
|---|---|---|---|
| 400 | Bad Request | This status code indicates that the server can't or won't process the request due to an error on the client side. For example, it could be a malformed request syntax, header too long, or something else. | The client code that calls the endpoint needs to fix things on their end. For an incoming call of category OData/API, consider using telemetry to find the error. You can also set up a debugger and debug the endpoint code. For an outgoing call, you need to review/debug the AL code that sends the request. |
| 401 | Access denied | The request failed because it lacks valid authentication credentials for the target resource. | For an incoming call, this is an authorization issue on the Business Central end of this, either in the OnOpenCompany trigger or a permission issue. For an outgoing call, you need to examine the AL code that sets up certificates or sets authorization header(s). |
| 402 | Payment Required | Indicates that the caller must make a payment to access the requested resource. Typically used in situations where the server requires payment before granting access to the content or service. This status code isn't returned by the Business Central server for incoming calls. |
For an outgoing call, you need to examine the AL code that calls the service and setup error handling to handle this situation. |
| 403 | Forbidden | This status code is returned when there's some kind of access restriction policy implemented for the requested resource. | For an outgoing call, you need to examine the AL code that sets up certificates (see Httpclient.AddCertificate) or sets authorization header(s). Or maybe your app shouldn't call the specified endpoint at all. |
| 404 | Not found | The resource you're calling doesn't exist (anymore?) | For an incoming call of category OData/API, this endpoint isn't available in metadata. If the endpoint used to work, the issue might be due to uninstalling or updating an app/extension. For UI pages exposed as OData, check if the page was disabled by an administrator. Note: We recommend that you move to APIs. For an outgoing call, you need to examine the URI specified in the AL code calling the endpoint and compare it with the endpoints available on the server you call. |
| 405 | Method not allowed | The HTTP verb used in the request isn't allowed for the specific URI that an HTTP client requested. | For an incoming call, you need to examine the HTTP method and compare that with what the endpoint supports. One example could be a client calling an API query (which is read-only) using HTTP POST. For on-premises environments where SOAP, OData, or APIs have been turned off, any call to such an endpoint will also return 405 (so check your server configurations if you see those). For an outgoing call, you need to examine the AL code that calls out and compare the Httpclient method used with what the external service offers. |
| 408 | Request timed out | This status code is returned when the server didn't receive a complete request message within the time that it was prepared to wait. | For an incoming call, this is returned by the Business Central server when the request fails to complete within the limits setup in the server configuration. For online environments, the limits are documented here: Operational Limits for Business Central Online. For on-premises environments, you might be able to adjust the server limits to allow more time for requests to complete. For on-premises environments, you need to change the AL code for the endpoint or call break up the request into multiple requests to make them fit within the time limits. For an outgoing call, you need to investigate the similar limits setup for the external service. Then either change your AL code or break up the request into multiple requests to make them fit within the time limits. |
| 409 | Conflict | Indicates that the request couldn't be processed because of conflict in the current state of the resource, such as an edit conflict between multiple simultaneous updates. | For an incoming call, this happens when another user has already changed the record(s) that the request is trying to modify. For an outgoing call, you need to look into the documentation for the service you're calling. |
| 410 | Gone | Indicates that the resource requested was previously in use but is no longer available and won't be available again. | Check you client code/configuration and stop calling this endpoint. |
| 412 | Precondition Failed | The server doesn't meet one of the preconditions that the requester put on the request header fields. | You need to examine the code that calls the endpoint and check if the settings of request or content HTTP headers match what the service expects. For an incoming call, check if you have supplied the required headers as specified in the API documentation, see API (v2.0) for Business Central for details. For an outgoing call, a common error is to forget to set the Content-Type header (which by default is set to 'text/plain; charset=utf-8'. For more information about content headers, see HttpContent Data Type.) |
| 413 | Payload Too Large / Request Entity Too Large | The request is larger than the server is willing or able to process. | You need to examine the code that calls the endpoint and adjust the size of the data you send. For OData/API calls, the limit is called Max body size and its current value for BC online is documented here: OData request limits. For SOAP calls, the limit is called Max message size and its current value for Business Central online is documented here: SOAP request limits |
| 415 | Unsupported Media Type | The request uses a media type that isn't supported by the server/resource. | Could very well be due to wrong Content-Type or Content-Encoding headers in the request. |
| 418 | I'm a teapot | This HTTP status is exposed as an Easter egg in some services. | If you experience this, there's probably nothing else to do than have a nice cup of tea. Then get back to work afterwards refreshed and ready to fix some more HTTP issues. |
| 429 | Too Many Requests | This status code is returned when you call too aggressively to the server and it asks you to relax a bit. | The Business Central performance tuning guide explains how you can implement different retry strategies to deal with this type of issue. For more information, see Performance Articles For Developers. |
| 502 | Bad Gateway | This status code is returned when services in the Business Central data plane are temporarily unavailable. | If you experience this, please retry your request. Note that the Business Central service adds a retry-after HTTP header when returning HTTP status 502. Use this in your web service client code. The Business Central performance tuning guide explains how you can implement different retry strategies to deal with this type of issue. For more information, see Performance Articles For Developers. |
| 503 | Service Temporarily Unavailable | This status code is returned when the server is down for maintenance or is overloaded. | If you experience this, please retry your request. Note that the Business Central service adds a retry-after HTTP header when returning HTTP status 503. Please use this in your web service client code. The Business Central performance tuning guide explains how you can implement different retry strategies to deal with this type of issue. For more information, see Performance Articles For Developers. |
| 504 | Gateway Timeout | This status code is returned when your call takes longer than the timeout threshold defined on the server. | The Business Central performance tuning guide explains how you can implement different retry strategies to deal with this type of issue. For more information, see Performance Articles For Developers. |
Performance considerations
If you call an external web service using the HttpClient module in AL, be aware that the Business Central Server blocks the execution of AL code for the session until the call completes. For interactive sessions, this behavior means that the user sees a spinning wheel during the call.
If you have enabled telemetry for your environment or app, you can use this KQL query to analyze how much time users are delayed in the UI by calls to external services.
traces
| where customDimensions has 'RT0019'
| where customDimensions.clientType == 'WebClient'
| extend executionTimeInMs = toreal(totimespan(customDimensions.serverExecutionTime))/10000 //the datatype for executionTime is timespan
| summarize count() // how many calls
, sum(executionTimeInMs) // sum of delays for UI sessions
, avg(executionTimeInMs) // average waiting time by this app
, max(executionTimeInMs) // average waiting time by this app
by
// which app is calling out from the UI
extensionPublisher = tostring( customDimensions.extensionPublisher )
, extensionName = tostring( customDimensions.extensionName )
, extensionVersion = tostring( customDimensions.extensionVersion )
See also
Call external services with the HttpClient data type
Get Started with AL
Developing Extensions
Outgoing Web Service Request Telemetry
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for