Access token

Step 4. Retrieving access tokens

1. Example

   In order to retrieve an access token we need to do a POST request to the Visma Developer Portal token endpoint. We created an example function to make a curl request in PHP to fetch the access token. In our application we store the access token in the session.

   
   function getAccessToken() {
       $url = 'https://connect.identity.stagaws.visma.com/connect/token';
       $curl = curl_init();
       $headers = [
           'content-type: application/x-www-form-urlencoded',
       ];
   
       $data =   'grant_type=client_credentials'
               . '&scope=brincr:country brincr:category'
               . '&tenant_id=YOUR_TENANT_ID'
               . '&client_id=YOUR_CLIENT_ID'
               . '&client_secret=YOUR_CLIENT_SECRET';
   
       curl_setopt($curl, CURLOPT_URL, $url);
       curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
       curl_setopt($curl, CURLOPT_POST, TRUE);
       curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
       curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
   
       $response = json_decode(curl_exec($curl), true);
   
       curl_close($curl);
   
       $_SESSION['access_token'] = [
           'token' => $response['access_token'],
           'expires_at' => time() + (int) $response['expires_in'],
       ];
   }
   

   URL

   For Sandbox: the URL where we need to send our POST request is: https://connect.identity.stagaws.visma.com/connect/token.

   For Production: the URL where we need to send our POST request is: https://connect.visma.com/connect/token.

   grant_type

   In our example we use the grant_type client_credentials. We need to use this exact grant type because we have setup a service application in the Visma Developer Portal. Service applications are strictly used to call APIs and use the client_credentials OAuth2 grant type to obtain Access Tokens from the Authorization Server by providing it's credentials and the set of scopes (permissions) it requests.

   scope

   This identifies the API access that your application is requesting. In our example we use the scope brincr:country brincr:category, meaning that our application will only have access to the country and category endpoints in Brincr.

   tenant_id

   You can find a list of all tenant_ids from tenants that have granted your application access to their data in Brincr. This list can be found in 'My Applications > Integration > Customers' in the Visma Developer Portal.

   client_id

   You can find your client_id in the details page of your application in the Visma Developer Portal.

   client_secret

   During the setup we created a secret for our application. This is the secret that you need to use.