Skip to main content


Showing posts with the label Authorization

Making a call to Retail Server APIs

This article will talk about how to make a call to Retail APIs (non anonymous )  and what all information is required to get the response. I started by generating the access token using username-password flow and obviously the client id as shown in below image: Then I tried to make a call to an API using Postman as shown below: And here is the 401 Unauthorized error ☹ and the reason is -  Microsoft_Dynamics_Commerce_Runtime_DeviceTokenNotPresen t After spending hours, I got to know that Retail APIs  can’t be called just by passing the access token. In order to make API call successful, there is one additional information ‘ devicetoken ’, which needs to be sent.  Now where to pass this information? Well, fortunately I was able to figure it out. This devicetoken  has to be passed as an header while making API call as shown below: Once device token is passed, I received the expected response from the API.  Hope I saved your hours

Creating ASP.NET Core 2.2 Application Step-by-Step

This article will walk you through the creation of ASP.NET Core application using ASP.NET Core 2.2 from scratch, by utilizing the capabilities of package manager, EF Core, Identity API, Razor Class Library, etc. So, rather than being more theoretical, this article will focus mainly on the implementation part. Wherever required, I’ll throw some light on the conceptual part too. To know more, you can either go here or here .

Understanding concepts - OpenId, OAuth and SAML

I was going through some of the forums related to security concepts and found one topic which is very much communal, and many people posted questions about their confusion on the terms related to Authorization, Authentication and Security protocols.  So, I thought to write something about these terms in layman, which is more towards the concept and less towards technical aspects.  Before we start, let's have a look at the question, which really lighten the spark in me - - What's the difference between OpenID and OAuth ? Hope you are with me to get started. Well, one of the major aims of any application is to make it secure and easy to use without imposing much work on the end user. Now, in order to fulfill  this aim, we have to look into a few of the major security aspects in terms of protocols, usage and scenarios. And that's why this article is. What is Authentication and Authorization? In simple terms, authentication is the process to