| title | description | author | ms.custom | ms.date | ms.reviewer | ms.topic | ms.author |
|---|---|---|---|---|---|---|---|
Web service security |
Get the list of recommendations for how to secure web services in your Business Central solution. |
kennieNP |
bap-template |
02/02/2024 |
jswymer |
conceptual |
kepontop |
Security is an important part of a solution involving web services. This is because the client calling the web service endpoint is likely not delivered by Microsoft and also because the interaction between the client and [!INCLUDEprod_short] happens over a network.
This article provides recommendations that you can implement to make your web services applications secure.
For more general information about security in [!INCLUDEprod_short], see Security overview.
Here are some authentication options you can use:
- Authentication: Learn about the basic authentication methods for web services in [!INCLUDEprod_short].
- Authentication with OAuth: Use OAuth, an open standard that lets you authorize access to web services in [!INCLUDEprod_short] online.
- Walkthrough: Creating a console application that uses OAuth: See an example of how to use OAuth in a console application.
- Service-to-service authentication: Use this method for scenarios where integrations need to run without any user interaction.
- Supported cipher suites in outgoing calls: Use an HTTPS certificate to connect to an external API from AL Httpclient.
- How to restrict network access from/to Business Central online: Use Azure security service tags to limit network access to and from [!INCLUDEprod_short] online.
- Securing remote connections using certificates (on-premises): Learn how to use security certificates to help secure connections with [!INCLUDEprod_short] (on-premises).