Azure AD App Registration
First, the external app, in our case the Invoice Connector, must be set up in Azure Active Directory. The following procedure is used for this: Tutorial: Registrieren einer App in Azure Active Directory (Microsoft Dataverse) - Power Apps | Microsoft Learn
After creating the application registration, the Redirect URIs must be entered in the Authorization tab. It is important that both URIs are specified. https://businesscentral.dynamics.com/OAuthLanding.htm serves as landing page for the accesses from Microsoft Dynamics while https://<<documentsserver>>/documents/html/transparentBody.html or https://<<documentsserver>>/documents5/html/transparentBody.html serves as landing page for the BC Connector.
Depending on the setup, "documents" or "documents5" must be part of the URL. A white page is expected as the result of the call in the browser. If an error message appears, the other URL must be entered.
The <<documentsserver>> must be accessible from outside and protected by SSL.
Finally, the API permissions for application registration must be set up. In this case, the permissions "API.ReadWrite.All", as well as "app_access" are sufficient. It is important to note that the permissions are created as type "application" and not as "delegated". 