Hello @James Lin
After testing for a week, I was able to perform GET action from API https://api.businesscentral.dynamics.com/environments/v1.1, PFB steps we need to take care of:
On the Azure AD registered App:
Step 1: The app registered in Azure AD should have following permissions:
Step 2: The following parameters in App manifest should be set to "true" as by default these are set to "false":
"allowPublicClient": true,
"oauth2AllowIdTokenImplicitFlow": true,
"oauth2AllowImplicitFlow": true,
Step 3: The App must have https://oauth.pstmn.io/v1/callback as redirect URI
On the POSTMAN desktop client:
Step 1: The auth and token URL should look like :
Where "1e0fd5f0-xxxxx-xxxxx-xxxx-xxxx-xxxx" is tenant id.
Step 2: The auth URL should have "Authorize using browser" checked, as this would give an authentication and consent pop-up on browser. Please do ensure no pop-ups are blocked. (This is needed to add an HTTP header in Authorization request.
Step 3: Rest of the parameters should look like this:
The output in my environment looked like:
Also, the reference URL used here for testing was: https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/developer/devenv-develop-connect-apps#exploring-the-apis-with-postman-and-aad-authentication
Please "Accept the answer" and rate your experience if the information helped you. This will help us and others in the community as well