In this video, I take a closer look at the new Recommended Apps feature in Business Central v19.
In this video, Erik explores the Recommended Apps feature introduced in Business Central 2021 Wave 2 (version 19). He walks through how the feature works, how partners can programmatically populate the recommended apps list, examines the underlying app structure from Microsoft, and raises some important questions about discoverability and potential security concerns with the current implementation.
What Is the Recommended Apps Feature?
With AppSource approaching nearly 2,000 apps at the time of this recording, finding the right app has become increasingly difficult for customers. The Recommended Apps feature allows partners (resellers) to pre-populate a list of apps they recommend to their customers, providing guided discovery in a space that’s become quite crowded.
The feature was originally referred to as “List of Trusted Apps” in the release plan, but the final name became Recommended Apps. The release plan itself doesn’t go into great detail about how the feature actually works, so Erik digs in hands-on.
Discovering the Recommended Apps Page
Inside Business Central, you can search for a page called Recommended Apps. On a fresh environment, this page will be empty — nobody has recommended anything yet. Using the Page Inspector (Ctrl+Alt+F1), Erik confirms that the page comes from a Microsoft-published app called “Recommended Apps.”
You can find this app through Extension Management. It’s a small app — just six objects in total:
- 1 Table —
Recommended Apps(stores the data) - 2 Pages — A list page and a card page
- 2 Codeunits — An interface-style codeunit and an implementation codeunit (classic Microsoft pattern)
- 1 Enum —
App Recommended Bywith a single option: “Your Microsoft Reseller”
Setting Up the Dependency
To interact with the Recommended Apps feature from your own extension, you first need to add a dependency to the Recommended Apps app in your app.json. You’ll need the app’s ID, name, publisher, and version — all of which can be found in Extension Management:
{
"id": "8fac5d45-7678-4df9-b9a5-cf0c93ef7bdd",
"name": "whatnewin2021w2",
"publisher": "Default publisher",
"version": "1.0.0.0",
"brief": "",
"description": "",
"privacyStatement": "",
"EULA": "",
"help": "",
"url": "",
"logo": "",
"dependencies": [],
"screenshots": [],
"platform": "1.0.0.0",
"application": "19.0.0.0",
"idRanges": [
{
"from": 50100,
"to": 50149
}
],
"resourceExposurePolicy": {
"allowDebugging": true,
"allowDownloadingSource": false,
"includeSourceInSymbolFile": false
},
"runtime": "8.0"
}Add the Recommended Apps app details to the dependencies array, then run Download Symbols to pull down the app’s symbols so you can reference its objects in your code.
Inserting a Recommended App Programmatically
Erik creates a page extension on the Recommended Apps list page, using the OnOpenPage trigger to populate a recommendation. The key codeunit exposes several useful functions:
InsertApp— Add a new recommended appDeleteAllApps— Remove all recommendationsDeleteApp— Remove a specific recommendationGetApp— Retrieve app detailsGetAppURL— Get the AppSource URLRefreshImage— Refresh the app logoUpdateApp— Update an existing recommendation
The InsertApp procedure takes several parameters:
- ID — A GUID (the primary key, which can be a newly generated GUID)
- Sorting ID — Controls display order (use a small number to appear first)
- Name — The app name
- Publisher — The app publisher
- Short Description — A brief description shown on the list
- Long Description — A more detailed description for the card view
- Recommended By — The enum value indicating who recommended it
- AppSource URL — A link to the app on AppSource
Erik demonstrates this by inserting a recommendation for his own app, the Simple Object Designer:
pageextension 50101 RecommendedAppListExt extends "Recommended Apps List"
{
trigger OnOpenPage()
var
RecApp: Codeunit "Recommended Apps";
begin
RecApp.InsertApp(
CreateGuid(), // ID
1, // Sorting ID (low number = appears first)
'Simple Object Designer', // Name
'Erik Ernst', // Publisher
'Add fields to tables, pages and reports - no code development tool for BC', // Short Description
'Add fields to tables, pages and reports and create and expose data as API pages, all without writing any code.', // Long Description
Enum::"App Recommended By"::"Your Microsoft Reseller", // Recommended By
'https://appsource.microsoft.com/...' // AppSource URL
);
end;
}How It Looks
After publishing and running the extension, the Recommended Apps page now shows the Simple Object Designer. One nice touch: Business Central automatically pulls the logo image from AppSource, so you don’t need to supply one yourself.
Clicking on the app opens a card view showing the long description and a link that takes you directly to AppSource. However, Erik notices a small display quirk — the short description appears on the list but not on the card, and the first line of the long description appears to be truncated.
Discoverability Concerns
One of Erik’s main criticisms is discoverability. The only way a customer can find the Recommended Apps page is by explicitly searching for “Recommended Apps” in the Business Central search bar. There is:
- No notification on the home page or role center
- No integration with the “Get Started” experience
- No prominent link in the Extension Marketplace
- No indication anywhere that recommendations exist
This is counterintuitive — customers would need to already know the feature exists in order to find it, which defeats much of its purpose.
Security and Abuse Concerns
Erik raises a more serious concern about the potential for abuse. Since the codeunit’s functions don’t appear to be restricted to any particular caller, any installed app could manipulate the recommended apps list. He demonstrates this by extending the App Recommended By enum with a custom value:
enumextension 50100 AppRecommendedByExt extends "App Recommended By"
{
value(1; "An Installed App")
{
Caption = 'An Installed App';
}
}This means any app publisher could potentially:
- Spam the list — Every time a customer installs one of their apps, that app could inject recommendations for all of the publisher’s other apps
- Delete competitors’ recommendations — Using
DeleteAllAppsorDeleteApp, a hostile app could remove recommendations that a partner has carefully curated - Replace recommendations — Delete existing entries and insert their own
While Erik acknowledges this is a somewhat adversarial way to think about it, these are realistic scenarios that could undermine trust in the feature.
Timing and Population Challenges
Another practical issue Erik identifies: how does a partner populate recommendations for new environments? When a customer creates a new sandbox from the Admin Center, the partner may not know about it immediately. There’s no mechanism to automatically push recommendations to new environments.
Erik suggests that a more robust approach would involve:
- Maintaining a list of recommended apps in Partner Center
- Automatically pulling that list whenever a tenant spins up a new environment
- Surfacing recommendations prominently in the marketplace or AppSource experience, where Microsoft already knows the tenant-to-reseller relationship
A Bug in the Implementation
Erik also spots what appears to be a bug in Microsoft’s code: there’s a confusion between the Recommended By enum and a field with a similar name, suggesting the implementation may have been rushed or not fully polished.
Conclusion
The Recommended Apps feature in BC 2021 Wave 2 is a promising concept — partners absolutely need a way to guide customers toward trusted apps in an increasingly crowded AppSource marketplace. However, the current implementation feels like a first step rather than a complete solution. Key issues include poor discoverability (customers must search for the page by name), lack of access controls (any app can manipulate the recommendations), and no automated mechanism for populating recommendations across new environments. Erik hopes this is just the beginning and that Microsoft will build on this foundation with deeper integration into the marketplace experience, Partner Center, and AppSource itself.
