1. Create App registration
Open the Azure Portal and create new App Registration:

Fill App name and select Accounts in any organizational directory as Supported account type. Click on "Register".
Click on "App roles" next:

Create a new app role:

...with the following parameters:

Click on "Apply".
Choose "API Permissions" of the App Registration, click on "Add a permission":

...and choose Dynamics 365 Business Central:

Then - Application Permissions:

Choose API.ReadWrite.All and click on "Add permissions".
Click on "Grant Admin consent action for your organization" and check for green mark in "Status" column:

Finally, click on "Certificates & secret"s and create a new client secret. Don't forget to copy secret value somewhere, because it'll disappear after you close the tab:

2. Register the App in your environment
To start using the app you should register it in your Business Central tenant.
Open "Azure Active Directory Applications" page in Business Central and create a new application:

Fill in "Client ID" field with the value from your App Registration App ID and choose "Enabled" state.
Add required permissions. Standard "SUPER" permission set is not allowed.

3. Test the connection
Use common API URL: https://api.businesscentral.dynamics.com/v2.0/{{Your Tenant}}/Sandbox/api/v2.0

On the Authorization Tab choose OAuth2.0 type and next parameters:
Grant Type: Client Credentials
Access Token URL: https://login.microsoftonline.com/{{Your Tenant ID}}/oauth2/v2.0/token
Client ID: Application ID of App Registration
Client Secret: copied client secret from App Registration
Scope: https://api.businesscentral.dynamics.com/.default
Client Authentication: Send as Basic Auth Header
Then click on Get New Access Token and Use token.
The result must be APIs list:

Now you can use these values to setup OAuth2.0 connection for other integrations.
Any thoughts on the matter?
Related posts
Realtime Warehouse Coordination with AI Development
The Challenge: Realtime Coordination Across Two Warehouse Facilities
Our client, a rapidly expanding business, faced a critical operational challenge after adding a second facility—a large warehouse. Effective communication between the front desk team in Building 1 and the warehouse/loading team in Building 2 was essential for efficiency and safety. They required a web application to streamline this process, enabling the front desk to log customer arrivals and assign loading lanes while the warehouse team managed bay assignments and loading status. The app needed to support 10-15 simultaneous users with realtime updates, integrate with their Business Central ERP system to update sales orders, and maintain a historical log of customer activity.
SFTP usage in Dynamics 365 Business Central
Files exchange in between systems is not the best way to integrate. However, when API is unavailable or cannot be used, SFTP (SSH/Secure File Transfer Protocol) can be one of the options to consider
For Business Central on-premises you can use WinSCP dotnet libraries and successfully read/write/delete files directly on SFTP server. However, you can't use this approach for SaaS Business Central. What can be done in that case? The answers are provided in the article below.
QuickBooks vs Dynamics 365 Business Central
Learn about the advantages of switching from QuickBooks to D365 Business Central when it comes to scalability.