Updating your software is essential. To keep up with competitors in the logistics industry, to support your logistic activities as efficiently as possible, and to protect yourself against cyber criminals. Especially this last reason has gained attention over the last years. With all the possibilities you have, you try to protect your software system from intruders. And with success. Because thanks to all the firewalls and safety protocols, you have built a high wall around your applications. However, what is the use for such a high wall, when intruders can easily steal the keys to the gate? That is where OAuth2 comes in. With OAuth2, you can prevent this from happening, and you truly keep intruders out. Even if they have stolen your keys.
In Business Central v21, Basic Authentication expires for the SaaS. That means that OAuth2 will be the only option to connect with your 3PL Dynamics environment for all incoming web service calls.
In this blog, we introduce you to OAuth2, explain how it protects your logistics software systems, and help you on your way in this development.
What is Oauth2?
OAuth2 is a way to safely give access to third parties for using your APIs or HTTP endpoints. In other words, a way to safely integrate. Whereas Basic Authentication uses a log-in, OAuth2 gives these third parties access to your application via an access token. This token contains information about the so-called applicant. Based on that information, your system automatically determines if this party should have access to your system and what rights they must have. Therefore, an acquainted and trusted app does not have to log in over and over again. While the integration does secure itself by consciously renewing the tokens.
The simple answer to the question ‘why OAuth2?’ It is safer! OAuth2 looks at who the applicant actually is, based on the access token. And more importantly: what the relationship is between your system and the application to which they should have access. Only a password is not enough. In that way, you prevent passwords or keys from creating damage when they fall into the wrong hands. Only the parties you actually want to integrate with have access to your system.
Replace your Web Service Access Keys with OAuth2
When, as a user of Microsoft Business Central 365, you use Basic Authentication, you will have to move to OAuth2 after updating to v21. For web service calls you receive via our DataHub platform, Mercurius IT sets up this authentication. For web service calls you receive outside of DataHub, you will have to manage the authentication yourself, with your customer, or with your broker. To help you on your way, we have listed five steps to successfully register your OAuth2 app.
Do you want to learn more about the transition to OAuth2? Or do you need help with registering the app? Get in touch with our experts here!