Inventory Visibility – Configuring Bearer token and access token using Postman

Accessing data from Inventory Visibility APIs (such as those used in enterprise systems like Microsoft Dynamics 365 ) often requires more complex authentication flows than typical REST APIs.

In this post, let us understand the process .

AUTHENTICATION

The platform security token is used to call the Inventory Visibility public API. Therefore, it is necessary to generate a Microsoft Entra token by using Microsoft Entra application. Then use the Microsoft Entra token to get the access token from the security service.

1. From Azure portal, retrieve the client Id & Secret . This App registration is the one used while installing Inventory visibility app.
2. Given below the details

URL: https://login.microsoftonline.com/${aadTenantId}/oauth2/v2.0/token

Method: GET

Headers:Content-Type application/x-www-form-urlencoded

Body:

client_id=clientId&client_secret=secret&grant_type=client_credentials&Scope=0cdb527f-a8d1-4bf8-9436-b352c68682b2/.default

The response will be an access token

ACCESS TOKEN:

This token will be the bearer token to call the Inventory Visibility API. Here’s an example.

URL: https://securityservice.operations365.dynamics.com/token

Header:

Api-Version 1.0

Content-Type:application/json; charset=utf-8

Body:

{
    "grant_type": "client_credentials",
    "client_assertion_type": "aad_app",
    "client_assertion": "Entra token from the previous step",
    "scope": "https://inventoryservice.operations365.dynamics.com/.default",
    "context": "${fno_environment_id}",
    "context_type": "finops-env"
}

Environment Id can be retrieved from LCS.

The response will be an access token which will be used in the Inventory visibility APIs

The collection is available in my gitHub Handle

In my next post, we will understand about the OnHand APIs.

Original Post https://anithasantosh.wordpress.com/2025/07/28/inventory-visibility-configuring-bearer-token-and-access-token-using-postman/