AI
-
Your Business Central MCP server should be read-only until it can't be
The Business Central MCP server is GA-adjacent and the pitch writes itself: connect Claude or Copilot Studio, read and write ERP data in natural language, no custom API. The connection is the boring part. You've just handed a promptable, nondeterministic actor a write path to your ledger — and the only thing standing between it and a posted document is how you configured it.
-
When NOT to use an AI agent in Business Central
The built-in agents are GA and every partner is asking 'can an agent do this?' That's the wrong question. For a large class of BC work, a deterministic codeunit beats an agent on cost, latency, and auditability — and picking the agent anyway is a downgrade dressed as innovation.
-
Your AI feature must run on a fresh tenant, or it doesn't run
The line between a demo and a product is whether it works on a clean Business Central environment with none of your developer setup. Five concrete things that separate 'works on my box' from 'a customer can actually use it'.
-
Shipping a Copilot feature in Business Central that survives real users
A PromptDialog demo takes an afternoon. A Copilot feature real users won't switch off takes the other 90%: scoping, grounding, the generate–review–accept loop, and treating the model's output as a proposal that never silently touches data.
-
A 502 in your PDF-to-LLM pipeline is the gateway, not the model
Business Central sends a PDF through an AI gateway and gets a flat 502. The instinct is to blame the prompt. Don't — the model never saw your document. Here's how to bisect the pipeline and force a text-extraction path that works.
-
Route, don't call: why a model gateway belongs between you and the LLM
Calling a provider SDK directly is the fastest way to start and the slowest way to scale. A thin gateway turns the model into config — and buys you fallback, cost control, and observability you'll need the week after launch.
-
Calling AI from Business Central: the platform realities nobody warns you about
Your AL HttpClient call to an AI endpoint returns send=false and no error. It's not your code — it's three platform guardrails (the HttpClient flag, the anti-SSRF allowlist, and loopback hostnames) that fail silently. Here's the checklist.
-
Treat LLM output as untrusted input
The single mental shift that prevents a whole class of AI bugs and vulnerabilities: a model's response is not a value you computed, it's user input from a stranger — and you already know how to handle that.
-
Two crafts, one blog: why I write about AI and Business Central
I do two jobs that are quietly merging — ERP engineering on Business Central, and building with LLMs. This is the notebook where I work out loud on both, and on the seam between them.
