Environment – Dynamics 365 for finance and operations, Release 7.2, Update 12
So the big challenge for X++ developers is how to check the data entities that are published via customized code or even standard.
Use Fiddler.
Data entity property IsPublic = Yes, it means that data entity is accessible via OData. But data entity is accessible via public collection name. For example, Customers V2 entity (Target entity name is CustCustomerV2Entity) is accessible via OData as https://<axbaseurl>/data/CustomersV2
And if you have thousands of records, and you want filtered results, then you can add $filter criteria as well.
Example 1: If requirement is to list top 100 customers across all legal entities (assuming there exist more than one legal entity)
URL: https://<axbaseurl>/data/CustomersV2?$top=100&cross-company=true.
Example 2: If requirement is to list top 100 customers in just one legal entity.
URL: https://<axbaseurl>/data/CustomersV2?$top=100&$filter=dataAreaId eq ‘USMF’
Now there is a requirement to do some insert or update operation on a data entity. It is simple, yet, process driven.
Step 1. Authentication. For authentication, it is required to create an azure based application. Once this application creation is done, then you will get your ‘Client ID’ (or it is known as Application ID as well in azure portal for the application) and then you can generate (& Save) Client secret key as well. Both ‘ClientID’ and ‘Client Secret Key’ is required for Fiddler process.
Step 2. Registering and authorizing this application ID (or client ID) in Dynamics environment. Ensure that this ‘Client ID’ exist in Dynamics environment: Modules > System administration > Setup > Azure active directory applications. If record does not exist on the form, create a new one with details about Client ID, name:, and user Id. Ensure User ID = Admin.
Once you have above 2 steps completed, then you are ready for Fiddler action. It is once again 2 step process.
Step 1a. Get access_token, which is authorization key.
Step 2a. Use step 1 generated access_token in the GET or POST (insert operation) or PATCH (update operation) queries.
Step 1a. Get access_token query
POST https://login.windows.net/<tenantId>/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: login.windows.net
resource=https%3A%2F%2F<axbaseurl>&client_id=<clientId>&client_secret=<client_secret_key>&grant_type=client_credentials
<tenantId> – you can get this from Azure portal
<client_id> – as explained in Step 1 above. Client_Id or application Id is same.
<client_Secret_key> – As explained in Step 1 above.
How to use this step 1a in Fiddler?
- Start Fiddler, and ensure that these settings are set appropriately.

- Before ‘Options’ tab, there is ‘Scratch pad’. This is pretty awesome option where you can save your commands that can be selected and executed. The highlighted text is same as provided in step 1a above.

- Select the highlighted text, and click Execute button. The results would appear as given below. From here, you need to copy the value for tag “access_token” to be used in the next step with GET, POST or PATCH. Note that your scratch pad query is still available under “Composer” tab.

- Assume that you copied the access_token value.
- Copy this access_token generated from previous screen and paste in the following query that you need to write in Scratch pad.
GET https://<axbaseurl>/data/Customers?$top=10&cross-company=true HTTP/1.1
OData-Version: 4.0
OData-MaxVersion: 4.0
Accept: application/json;odata.metadata=minimal
Accept-Charset: UTF-8
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IkZTaW11RnJGTm9DMHNKWEdtdjEzbk5aY2VEYyIsImtpZCI6IkZTaW11RnJGTm9DMHNKWEdtdjEzbk5aY2VEYyJ9.eyJhdWQiOiJodHRwczovL3N0YXJ0ZWNoZGV2YnJhbmNoYW9zLnNhbmRib3guYXguZHluYW1pY3MuY29tIiwiaXNzIjoiaHR0cHM6Leeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee2Q3YWYtYzM4Ni00YTJiLTg3YjAtMTZlNzZhZGRmYjIzLyIsImlhdCI6MTUyMjMwMjg5NCwibmJmIjoxNTIyMzAyODk0LCJleHAiOjE1MjIzMDY3OTQsImFpbyI6IlkyTmdZSGgzNE1XUmczZG03N2x2MVB5aitpZG5IZ0E9IiwiYXBwaWQiOiJkOGY2M2NmYi01MDgxLTQ3MTMtYWMyZS02OGIzZDYzMjYxZDQiLCJhcHBpZGFjciI6IjEiLxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxm5ldC8wYmYzZDdhZi1jMzg2LTRhMmItODdiMC0xNmU3NmFkZGZiMjMvIiwib2lkIjoiZDYwNzdkYzktNzczYS00MWE0LWFkNDAtMjBmZTI5MmMwNTFjIiwic3ViIjoiZDYwNzdkYzktNzczYS00MWE0LWFkNDAtMjBmZTI5MmMwNTFjIiwidGlkIjoiMGJmM2Q3YWYtYzM4Ni00YTJiLTg3YjAtMTZlNzZhZGRmYjIzIiwidXRpIjoiQ1hBWVZWMlpoMC0zTkZNM1M5TUpBQSIsInZlciI6IjEuMCJ9.pgf-hUFLhmadBVC8AXTmvP3IBROC-0tfF-qwYmdppkRbUj-xer-aPfB41Re41vtREOKAtMcmzQip7xtif7HnguDndh104hJZ9qHz-qp-zEQV4BCV-gb9pQw7LDvpwZNpGMGU6jrL2IYGdGTUcuhyNK2ePfInm5_TGpjiP_VKYUNcUZS-PUeGG6lqKL7oJlzlg6nTqbJJa3jXnCA0SbnSQwhyvgGVx97IGMqhQZ1MNNh3J5dHidL_8ubidwbP9FTjByC6rdtWsDWomJhDWe28zPbpS1CoClfvjewm1UII6j0PsPUc8hJwTjsZxmpfq__W9sZ5d7Be9TdqDlouof6vvg
Host: <axbaseUrl without https>
- Select this whole text in scratch pad, and click ‘Execute’ button on top right. You will get the results as shown below:

- So in the result, you get JSON with top 10 customer records across all legal entities.
Example. Inserting (POST) a new customer postal address
Details: We extended the standard data entity ‘CustomerPostalAddressEntity’ to allow auto-generation of AddressLocationId field if not provided in the OData entity. And one more additional requirement to add ‘Telex Code’ in the address contact of type ‘Telex’. hence created a field called ‘STTelexCode’. The new entity name provided was “STCustomerPostalAddressEntity”. Command created in the scratch pad as follows. Bearer access_token is same as generated in step 1a above.
POST https://<axbaseurl>/data/STCustomerPostalAddresses HTTP/1.1
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJJJJJJJJJJJJJJJJJJJJJJJJJTaW11RnJGTm9DMHNKWEdtdjEzbk5aY2VEYyIsImtpZCI6IkZTaW11RnJGTm9DMHNKWEdtdjEzbk5aY2VEYyJ9.eyJYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYnNhbmRib3guYXguZHluYW1pY3MuY29tIiwiaXNzIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvMGJmM2Q3YWYtYzM4Ni00YTJiLTg3YjAtMTZlNzZhZGRmYjIzLyIsImlhdCI6MTUyMjMwMjg5NCwibmJmIjoxNTIyMzAyODk0LCJleHAiOjE1MjIzMDY3OTQsImFpbyI6IlkyTmdZSGgzNE1XUmczZG03N2x2MVB5aitpZG5IZ0E9IiwiYXBwaWQiOiJkOGY2M2NmYi01MDgxLTQ3MTMtYWMyZS02OGIzZDYzMjYxZDQiLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8wYmYzZDdhZi1jMzg2LTRhMmItODdiMC0xNmU3NmFkZGZiMjMvIiwib2lkIjoiZDYwNzdkYzktNzczYS00MWE0LWFkNDAtMjBmZTI5MmMwNTFjIiwic3ViIjoiZDYwNzdkYzktNzczYS00MWE0LWFkNDAtMjBmZTI5MmMwNTFjIiwidGlkIjoiMGJmM2Q3YWYtYzM4Ni00YTJiLTg3YjAtMTZlNzZhZGRmYjIzIiwidXRpIjoiQ1hBWVZWMlpoMC0zTkZNM1M5TUpBQSIsInZlciI6IjEuMCJ9.pgf-hUFLhmadBVC8AXTmvP3IBROC-0tfF-qwYmdppkRbUj-xer-aPfB41Re41vtREOKAtMcmzQip7xtif7HnguDndh104hJZ9qHz-qp-zEQV4BCV-gb9pQw7LDvpwZNpGMGU6jrL2IYGdGTUcuhyNK2ePfInm5_TGpjiP_VKYUNcUZS-PUeGG6lqKL7oJlzlg6nTqbJJa3jXnCA0SbnSQwhyvgGVx97IGMqhQZ1MNNh3J5dHidL_8ubidwbP9FTjByC6rdtWsDWomJhDWe28zPbpS1CoClfvjewm1UII6j0PsPUc8hJwTjsZxmpfq__W9sZ5d7Be9TdqDlouof6vvg
Content-Type: application/json; charset=utf-8
Host: <axbaseurl>
{
"CustomerAccountNumber": "Atul1012",
"CustomerLegalEntityId": "US01",
"AddressDescription": "hOME address1",
"dataAreaId": "US01",
"AddressCountryRegionId": "IND",
"AddressLocationRoles": "Delivery",
"AddressStreet":"Apurva Apartment complex,\n100 Block B, Apt 2011\n Near Ram Baazar",
"AddressState": "IN.10",
"IsPostalAddress": "Yes",
"IsPrimary": "No",
"IsRoleBusiness": "No",
"IsRoleDelivery": "Yes",
"STTelexCode": "ABCD123456"
}
Select above POST query (all lines) and click ‘Execute’ button. The result screen shown below with status code 201: Created.

More to come using PATCH later.
Happy Fiddling.