Dynamics 365 Business Central

Name: QuantaSeal
Brand: QuantaSeal
Price: 69 AUD

ERP

system_type: "microsoft_d365"

Proxy Dynamics 365 Business Central REST API v2 calls for companies, customers, vendors, items, and orders.

Overview#

The Business Central connector targets the Microsoft Dynamics 365 Business Central API v2.0 hosted at api.businesscentral.dynamics.com. It uses Azure AD OAuth2 client_credentials for authentication.

Base URL: https://api.quantaseal.io/api/v2/proxy/outbound
Auth header: X-API-Key: qs_live_…

Prerequisites#

1A Dynamics 365 Business Central environment
2An Azure AD application registration with Dynamics 365 Business Central API permissions
3Client ID and Client Secret from the Azure AD app
4Azure tenant ID

Configuration#

Follow these steps to connect Dynamics 365 Business Central to QuantaSeal. You can configure integrations via the Admin Console or directly via the API.

1
In Azure Portal, register an app with Business Central API → Financials.ReadWrite.All permission.
2
Create a client secret and note the client_id, tenant_id.
3
In Business Central, add the Azure app as an Application User with the required role.
4
Seal credentials: POST /api/v2/vault/seal with credential_type: oauth2_client.
5
Create integration: POST /api/v2/integrations with system_type: microsoft_d365.

Authentication Types#

Uses Azure AD OAuth2 client_credentials grant. Set use_enclave: false for dev/test or true (default) for production Nitro Enclave zero-secret flow.

OAuth2 Client

All credential types are sealed in QuantaVault with ML-KEM-768 + AES-256-GCM and wrapped by your tenant AWS KMS CMK before storage. See the Vault API reference for the full list of credential types and seal/unseal endpoints.

Available Operations#

QuantaSeal enforces a default-deny operation policy. Only operations listed in your integration's allowed_operations array will be permitted. Add operations when creating or updating the integration.

Operation	Description
`list_companies`	List all Business Central companies.
`get_customers`	List customers within a company.
`get_vendors`	List vendors within a company.
`get_items`	List inventory items.
`get_sales_orders`	List sales orders.

Code Example#

Every proxy call returns a HybridCryptoEnvelope - the response is ML-KEM-768 key-encapsulated, AES-256-GCM encrypted, and signed with ML-DSA-65 + HMAC-SHA-512. Verify both signatures before trusting the decrypted payload.

bashCopy

curl -X POST https://api.quantaseal.io/api/v2/proxy/outbound \
  -H "X-API-Key: qs_live_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"integration_id":"int_D365BC001","operation":"get_customers","payload":{"company_id":"company-guid"}}'

Decrypt the response using the QuantaSeal SDK: client.encryption.decrypt(envelope). Both the ML-DSA-65 signature and the HMAC-SHA-512 signature must pass - QuantaSeal uses a bitwise & check, not short-circuit and.

Troubleshooting#

AADSTS70011 - invalid scope

Ensure the Azure AD app has Dynamics 365 Business Central API permissions granted with admin consent.

Still stuck? Check the Security Events page in the Admin Console for detailed proxy error logs, or open a support ticket at quantaseal.io/support.

All Connectors API Reference

Configuration#

Follow these steps to connect Dynamics 365 Business Central to QuantaSeal. You can configure integrations via the Admin Console or directly via the API.

In Azure Portal, register an app with Business Central API → Financials.ReadWrite.All permission.

Create a client secret and note the client_id, tenant_id.

In Business Central, add the Azure app as an Application User with the required role.

Seal credentials: POST /api/v2/vault/seal with credential_type: oauth2_client.

Create integration: POST /api/v2/integrations with system_type: microsoft_d365.