Managing sensitive data in JSON objects got a major upgrade! In Microsoft Dynamics 365 Business Central, on Cloud, developers often work with SecretText, a data type designed to handle sensitive information securely. With the newly introduced WriteWithSecretsTo method in AL, injecting secrets into JSON is now possible.
🔒 What Is SecretText in Business Central?
In Business Central, the SecretText type is used to store and handle sensitive information—like API keys, authentication tokens, and passwords—without exposing them in plaintext. This ensures security in applications by keeping confidential values encrypted and hidden from unauthorized access.
Now, with WriteWithSecretsTo, you can replace placeholders in a JsonObject with SecretText values dynamically, making secure API communication.
🛠 Demo
The process is simple:
- Create secrets which you would like to replace in JSON Body
- Create a JsonObject with placeholder values where secrets need to be inserted.
- Define the paths to these placeholders using JPath format, alongside their corresponding secret values.
- Use WriteWithSecretsTo to produce a new SecretText object, replacing placeholders securely.
Debug:
Forward SecretText (non-debuggable/value not visible) variables to a method where you would create JSON Body:
In the method, you still wouldn’t see SecretText values.
If you take a look on JSON Body created, it contains only placeholders.
After using the method WriteWithSecretsTo, you are storing it again into SecretText result, and from that point, you are not able to see the JSON Body anymore.
HttpContent has overload for SecretText so it can accept and securely store it without secrets being leaked.
Let’s take a look at Request details received and catched:
As you can see, the API receiving server will be receiving correct data without a placeholder. Your secrets are handled in AL code securely.
🚀 Why This Matters
- Enhanced Security – Credentials stay protected inside SecretText, never appearing in raw format.
- Effortless JSON Manipulation – No manual string operations or direct secret handling required.
- Debug-Friendly Approach – Placeholder-based development lets you build and test JSON structures before injecting secrets.
This improvement ensures Business Central AL developers can work with sensitive data safely and efficiently. The WriteWithSecretsTo method removes unnecessary complexity while keeping security best practices in check.
Subscribe to our email newsletter to get the latest posts delivered right to your email.
Comments