With the Connection Wizard Action, you will need to select which Authentication Types you would like to use for the Web Service Connection.
The Connection Wizard can be found on the Ribbon of the Payment Gateway Setup Page.
On the first Page displayed, select the Next button:
On the next Page, you will need to select which Authentication Type you would like to use. The options to select from are:
Basic Authentication should only be selected for use in On-Premise Deployments or Azure Deployments prior to Business Central 2022 Release Wave 1.
For any other types of Business Central SaaS Deployments, one of the Service-to-Service (S2S) options should be used as Basic Authentication is being deprecated by Microsoft in March 2022.
S2S Clever Multi-Tenant
S2S Clever Multi-Tenant Authentication can be used for Azure Deployments of Business Central 2022 Release Wave 1 and onwards. It uses Clever Dynamics own Multi-Tenant Application ID and is recommended for the majority of implementations for the sake of simplicity.
S2S Clever Single-Tenant
S2S Clever Single-Tenant Authentication can be used for Azure Deployments of Business Central 2022 Release Wave 1 and onwards. Please refer to the following link for more information on how to setup and use this Authentication Type:
When you select Basic as the Authentication Type, on the next Page you need to set which User Credentials you wish to use. You can copy the WSA Key from the User Card by using the Open User Card link.
On the next Page, you will need to set the required Webservice URL. If you want to use the default Webservice, then select the Apply Default option.
Once completed, the Credentials defined will be displayed on the Business Central Connection Details FastTab of the Payment Gateway Setup Page.
Service-to Service Authentication Types:
You must have Administrative Privileges to complete this process as you will be asked to grant permission at the end on behalf of your Organisation.
Once you click on the Finish button on the Connection Wizard, the below Page will be displayed. This is where you will need to grant Full Access to Web Service API's and Sign in and Read User Profile to the App. More information on this can be viewed on the screenshot below:
Once you click on the Accept button, a confirmation message will appear confirming if consent has been granted successfully. For more information on the consent being granted, please refer to the following to Using Service to Service Authentication - Business Central | Microsoft Docs
You will be consenting to allow the API.ReadWrite.All Permission which access to Web Services in Business Central. You can check the permissions granted by looking in Azure Active Directory Application, Enterprise Applications and Clever Payment Gateway.
Azure Active Directory Application
New entries will have been created in the Azure Active Directory Application which are used to define the Permission Sets used for Clever Payment Gateway. These should be reviewed and amended where required.
To check what you’ve given access to after the fact, you can check from the Azure Active Directory Admin Centre. Under Enterprise Applications (On the left hand menu) you’ll find a list of applications and Clever Payment Gateway will be one of them.
Click on Clever Payment Gateway and then select Permissions. You can see that Clever Handheld has been granted API.ReadWrite.All. This grants access to Business Central web services / API. Further permissions are handled by standard Business Central functionality as described in the Azure Active Directory Application section.