I would be grateful if you would share more detail on the steps to get a token from Azure AD that the REST API will accept. I too have a back-end web server making calls to the REST service. I’m currently using basic authentication but we are moving all authentication over to AD. It would be nice if Epicor provided a guide if this is going to be the optimal authentication method for REST.