My background is with D365 Sales and I have tons of code that works flawlessly using the "Service to service calls using client credentials" flow to get its authentication token. Recently, I have been working with F&O and I was trying to using the same basic code to perform an OData call against Finance & Operations. But, I was getting a "No P3P Policy defined" error. Its not a very helpful error.
After some trial and error, I was able to determine that the problem was the URL I was using for the acquisition of the token, via the "AcquireTokenAsync" method). This does not work: https://mydomain.sandbox.operations.dynamics.com/, whereas this one does: https://mydomain.sandbox.operations.dynamics.com. The only difference was the trailing slash. Once I removed it, the error went away and all my queries began working flawlessly.
Sample Code: https://gist.github.com/rajrao/455963f9bd5b9a16558b6085116b3c03
Error Details
StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
P3P: CP="No P3P policy defined. Read the Microsoft privacy statement at https://go.microsoft.com/fwlink/?LinkId=271135"
Other documents:
MsDocs: Service endpoints overview