Blog

Integrating Business Central: APIs, webhooks and Azure Functions

Almost every Business Central project ends up needing to talk to something else: a web shop, a document signing service, a data lake, a warehouse system. The good news is that BC ships with a mature integration toolbox. The risk is choosing the wrong tool and ending up with something fragile that breaks on the next update. This is how we think about the options, and the experience behind that thinking.

INTEGRATING BUSINESS CENTRAL — THE TOOLBOX Business Central SaaS REST / OData Webhooks Azure Functions Power Automate
The four main ways to connect Business Central to the outside world. Each suits different jobs — the rest of this post is about when to reach for which.

Built-in REST and OData v4 APIs

Business Central exposes a large set of standard REST APIs (customers, items, sales orders, journals and more) plus OData v4 endpoints over published pages and queries. For most read and write scenarios against standard entities, you do not have to build anything; the endpoint already exists.

Every entity you can use out of the box is an integration you do not have to develop, test or maintain through future upgrades. Always check the standard API surface before writing custom code.

Custom API pages

When the standard APIs do not cover your data (a custom table, a tailored projection, a specific field set) you expose your own API page or API query in AL. This gives you a clean, versioned, OData-compatible endpoint that BC treats as a first-class citizen.

A purpose-built API page is far more stable than scraping a UI page or abusing a generic endpoint. It survives upgrades because it is your contract, defined explicitly.

Webhooks for push notifications

Polling an API on a timer is wasteful and slow. Webhooks let BC push a notification to your endpoint the moment a record changes, so your middleware reacts in near real time instead of asking “anything new?” every few minutes. Push beats poll for both cost and responsiveness: order confirmations, stock changes and status updates reach the other system promptly without hammering the API.

Azure Functions for the heavy lifting

AL is excellent inside Business Central, but it is not where you want to run complex transformations, call third-party SDKs, or orchestrate multi-step flows. That work belongs in middleware, and Azure Functions is our default home for it. BC raises an event or calls out; the Function does the mapping, retries, batching and external calls; results flow back through an API.

We have shipped exactly this pattern against SharePoint and Google Drive (document storage), AWS (cloud services), Scrive (digital signing) and bespoke Azure Functions middleware. The recurring lesson: keep BC thin and push the messy integration logic out to where it can be tested, scaled and monitored independently. Separating concerns keeps your BC extension small and upgrade-safe, while the heavy or volatile logic lives somewhere you can deploy and fix without touching the ERP.

Connectors: Power Platform, Shopify and friends

For common scenarios there are ready-made connectors: the Power Platform connector (Power Automate, Power Apps), the Shopify connector, and others. These are no/low-code routes that can deliver value in days rather than weeks. If a supported connector covers your need, it is almost always cheaper and more durable than custom code. Reach for custom only when the connector truly cannot do the job.

Authentication: OAuth via Microsoft Entra

Basic authentication is gone. Modern BC integrations authenticate through Microsoft Entra (OAuth 2.0): registered applications, scoped permissions and token-based access. Service-to-service calls use client credentials; interactive scenarios use delegated permissions. Entra gives you revocable, auditable, least-privilege access with no shared passwords sitting in config files.

Keep it upgrade-safe and resilient

Whatever you build, two principles hold. Upgrade-safe: use events and extensions, never modify standard objects, and depend on documented APIs rather than internal behaviour. Resilient: assume the network and the other system will fail, and build in retries, idempotency and logging so a transient outage does not corrupt data or lose messages.

Integrations are where most post-go-live incidents originate. Designing for failure up front is what separates an integration you forget about from one that pages someone every month.


Need to connect Business Central to another system in a way that survives the next update? Tell us your story and we will recommend the simplest, most durable approach for your case.

← All articles

Tell us your story.

Describe what you need and we will come back with an honest, free estimation — no strings attached.

Request a free estimation