What is Aident CentralLink?
Aident CentralLink lets Business Central cloud call on-premises hardware, file systems, or custom .NET components-securely and without opening inbound firewall ports.
How does it work?
| Part | Runs on | Purpose |
|---|---|---|
| CentralLink Agent | Windows host in the customer network | Windows service that loads plug-in DLLs and maintains an outbound Hybrid Connection to Azure Service Bus Relay. |
| Azure Service Bus Relay | Microsoft Azure (PaaS) | Cloud relay that tunnels HTTPS traffic from Business Central to the on-prem Agent-no VPN required. |
| CentralLink Connector (BC App) | Business Central online tenant | AL extension that authenticates with the Relay and invokes the Agent’s plug-in endpoints. |
Only outbound 443 traffic leaves the LAN; the Agent doesn't listen on a public port.
Architecture at a glance
%% System Architecture - Aident CentralLink
graph TD
%% ===== SaaS =====
subgraph BC["Business Central (cloud)"]
Ext["CentralLink Connector<br/>(AL extension)"]
end
%% ===== Azure =====
subgraph Azure["Microsoft Azure"]
Relay["Azure Service Bus Relay<br/>(Hybrid Connection)"]
end
%% ===== On-prem =====
subgraph OnPrem["Customer network"]
Agent["CentralLink Agent<br/>(Windows service)"]
subgraph Plugins["Plug-in DLLs"]
NetDrive["drive.dll"]
NetPrinter["printer.dll"]
Custom["*.dll"]
end
end
%% Flows
Ext -->|HTTPS| Relay
Relay <--> |Hybrid Conn.| Agent
Agent -->|/.netDrive/*| NetDrive
Agent -->|/.netPrinter/*| NetPrinter
Agent -->|/<plugin>/*| Custom
Key Features
- Hybrid connection - Azure Service Bus Relay eliminates inbound exposure; all traffic is agent-initiated and TLS-encrypted.
- Plug-in model - Drop in any .NET assembly; methods marked with
[PluginMethod]appear instantly as REST endpoints. - No server code changes - Business Central calls the Relay using standard AL HTTP APIs; no additional middleware.
- Zero VPN footprint - Works in locked-down networks; only outbound port 443 is required.
Installation
Note
The private NuGet feed URL and access token (PAT) will be provided by Customer Service.
Replace <private-feed-url> and <PAT> in the commands below.
1. Prepare Chocolatey
https://chocolatey.org/install
# Install Chocolatey (skip if present)
Set-ExecutionPolicy Bypass -Scope Process -Force
iex ((New-Object Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
# Install the Azure DevOps credential provider
choco install nuget-credentialprovider-vss -y
2. Register the private feed
choco source add `
--name=CentralLinkFeed `
--source="<private-feed-url>" `
--user="AzureDevOps" `
--password="<PAT>" `
--priority=1
3. Install the CentralLink Agent
choco install CentralLinkAgent --source=CentralLinkFeed
The installer:
- Deploys CentralLink Agent.
- Creates the default plug-in folder
C:\ProgramData\Aident\CentralLink\Plugins.
4. Using CentralLink
- Launch: Start CentralLink using the desktop shortcut.
- System Tray: Once running, CentralLink will appear in the system tray for quick access.
- Startup: Startup behavior can be configured in the application settings.
Logs are written to Event Viewer → Applications and Services Logs → CentralLink.
Security & Deployment Notes
- Outbound-only - Agent opens a persistent, secured WebSocket to the Relay; no inbound firewall holes.
- Authentication - Shared Access Signature (SAS) key for the Relay plus BC tenant credentials; rotate on demand.
- Observability - JSON logs integrate with Event Log, ELK, Splunk, or Azure Monitor.
- Upgrades -
choco upgrade CentralLinkAgentperforms an in-place update with configuration retention.
Developing Plug-ins
using CentralLink;
namespace HelloWorldPlugin
{
[AgentPlugin("hello")]
public class HelloWorld : IAgentPlugin
{
[PluginMethod("GET")]
public string SayHello(string name) => $"Hello, {name}!";
[PluginMethod("POST")]
public string Echo(string body) => body;
}
}
- Compile the DLL and drop it into
C:\ProgramData\Aident\CentralLink\Plugins. - Endpoint becomes
https://<relay-namespace>.servicebus.windows.net/hello/SayHello.