Home > CRM, Dynamics 365 > [Step by Step] Postman tool to test Dynamics 365 online Web API

[Step by Step] Postman tool to test Dynamics 365 online Web API

In this article, lets see how to connect and test Dynamics 365 Web API requests using Postman tool, step by step along with troubleshooting steps.

Note: Refer article for steps to connect to Dataverse Web API from Postman tool.

Those who are not familiar with Postman tool, it is a request composer tool, which allows you to authenticate to your Dynamics 365 instance,  compose Web API requests, send them, and view response. Link to download


  • Download Postman tool
  • Dynamics 365 online instance. (Subscribe to 30 days trial, if you have not one)
  • Azure Active Directory Portal (You need to login with your Office 365 Credentials)

Register App in Azure Active Directory:

As a first step, you need to register an App in Azure Active Directory (i.e., oAuth) by following below steps

  • Connect to the Azure Active Directory (AD) Portal with your Office 365 credentials.
  • Register a new Dynamics 365 App by following steps mentioned here
  • Once you are done with App registration, copy ‘Application ID’ and ‘Home page’ values, which you need to use next steps.


Setup your Postman tool:

Create ‘Environment’

  • Create a new Postman ‘Environment’ with below variables. This is one time activity for a single D365 instance.
    • url : Your Dynamics 365 URL
    • clientid : ‘Application ID’ from Azure AD,  generated in above section.
    • version : Dynamics version
    • webapiurl : Set this to {{url}}/api/data/v{{version}}/
    • callback : ‘Home page’ value from Azure AD,  generated in above section.
    • authurl : Set this to https://login.microsoftonline.com/common/oauth2/authorize?resource={{url}}
  • I created a new ‘Environment’ with name ‘DynamicsCRM’ and it looks as below


Generate oAuth Access Token:

Post ‘Environment’ creation, we need to generate oAuth Access Token. This is one time activity for a single D365 instance.

  • Make sure you select ‘Environment’ created in previous section. In my case its ‘DynamicsCRM’.
  • Under ‘Authorization’ tab, set ‘Type’ to ‘oAuth 2.0’ and click on ‘Get New Access Token’.


  • In the ‘GET NEW ACCESS TOKEN SCREEN’ make sure you set values as below.


  • Click ‘Request Token’ and system will prompt you for credentials, pass your O365 credentials.


  • When you click ‘Next’, you may encounter “response_type ‘token’ is not enabled for the application” exception.
    • To fix this, make sure in your Azure AD Application’s manifest “oauth2AllowImplicitFlow” property is set to ‘true’


  • You may also encounter “The reply url specified in the request does not match the reply urls configured for the application“.
    • To fix this, make sure you set the Postman’s ‘Environment’ -> ‘callback’ variable set correctly.
  • Click ‘Continue’ to complete the ‘Access Token’ generation process.
  • On successful ‘Access Token’ generation, you would get the screen as below.


  • Click ‘Use Token’.

That’s it! we are done with settings and its time to test the Dynamics API’s with Postman

Test by executing ‘WhoAmI’ request:

  • Make sure you select the right ‘Environment’ and generated your ‘Access Token’.
  • Select ‘GET’ operation and set the URL as {{webapiurl}}WhoAmI
  • Click ‘Send’
  • You should get “200 OK” response up on success.


  • You may get “401 Unauthorized” response.


  • To fix this, make sure you set “Add authorization data to” to “Request Headers”.



  1. March 11, 2019 at 2:49 AM

    This is one of the finest guides I have seen on Postman. Thank you so much Rajeev.

  2. July 19, 2019 at 9:39 AM

    Excellent guide. Well written

  3. Matt R
    August 2, 2019 at 3:21 PM

    Followed all the steps but when I Request Token and enter my credentials, I just get back access_denied in the Postman console, no other reason.

    • Matt Rinkenberger
      August 2, 2019 at 3:55 PM

      Might’ve had some typos, getting a token now, then I chose Use Token and submitted the request, getting 401 unauthorized. Confirmed Add authorization data to Request Headers is selected

  4. Chris
    October 1, 2019 at 3:42 AM

    I followed all your instructions but still getting 500 Internal Server Error in the end. Please help.

  5. May 19, 2020 at 7:26 PM

    excellent – exactly what I needed!

  6. Sam
    June 2, 2020 at 7:40 AM

    Amazing article, it worked like a charm for my crm api. No issues, simply followed the steps and wallah!!

  7. August 7, 2020 at 4:47 PM

    this helped me, but how to download a report from dynamics using api through postman. I’m able to get the report definition but not the data.Can you guide me.

  8. MB
    November 24, 2020 at 8:23 AM

    excellent documentation – followed till the last, after the 401 error changed the auth type, now i get error 500? anything i am doing wrong?

  9. RF
    March 22, 2021 at 10:23 PM

    Hello, I’m getting a 403 Forbidden when i do a Get request. What am i doing wrong? Please help me.

  10. Jeff
    May 20, 2021 at 5:14 PM

    Thank you a ton. One more bit of info would be that using postman 8, you can specify the callback url as https://oauth.pstmn.io/v1/callback. Just remember to add that in your app registration in Azure AD.

  1. March 12, 2019 at 1:58 PM
  2. July 21, 2021 at 7:20 PM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: