Step 4. Retrieving access tokens
-
In order to retrieve an access token we need to do a POST request to the Visma Connect token endpoint. We created an example function to make a curl request in PHP to fetch the access token. In our application we store the access token in the session.
function getAccessToken() {
$url = 'https://connect.identity.stagaws.visma.com/connect/token';
$curl = curl_init();
$headers = [
'content-type: application/x-www-form-urlencoded',
];
$data = 'grant_type=client_credentials'
. '&scope=brincr:country brincr:category'
. '&tenant_id=YOUR_TENANT_ID'
. '&client_id=YOUR_CLIENT_ID'
. '&client_secret=YOUR_CLIENT_SECRET';
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_POST, TRUE);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
$response = json_decode(curl_exec($curl), true);
curl_close($curl);
$_SESSION['access_token'] = [
'token' => $response['access_token'],
'expires_at' => time() + (int) $response['expires_in'],
];
}
url
The url where we need to send our POST request is https://connect.identity.stagaws.visma.com/connect/token.
grant_type
In our example we use the grant_type client_credentials.
We need to use this exact grant type because we have setup a service application in the Visma Developer Portal. Service applications are strictly used to call APIs and use the client_credentials OAuth2 grant type to obtain Access Tokens from the Authorization Server by providing it's credentials and the set of scopes (permissions) it requests.
scope
This identifies the API access that your application is requesting.
In our example we use the scope brincr:country brincr:category, meaning that our application will only have access to the
country and category endpoints in Brincr.
tenant_id
You can find a list of all tenant_ids from tenants that have granted your application access to their data in Brincr.
This list can be found in 'My Applications > Integration > Customers' in the Visma Developer Portal.
client_id
You can find your client_id in the details page of your application in the Visma Developer Portal.
client_secret
During the setup we created a secret for our application. This is the secret that you need to use.
In order to retrieve an access token we need to do a POST request to the Visma Connect token endpoint. We created an example function to make a curl request in PHP to fetch the access token. In our application we store the access token in the session.
function getAccessToken() {
$url = 'https://connect.identity.stagaws.visma.com/connect/token';
$curl = curl_init();
$headers = [
'content-type: application/x-www-form-urlencoded',
];
$data = 'grant_type=client_credentials'
. '&scope=brincr:country brincr:category'
. '&tenant_id=YOUR_TENANT_ID'
. '&client_id=YOUR_CLIENT_ID'
. '&client_secret=YOUR_CLIENT_SECRET';
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_POST, TRUE);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
$response = json_decode(curl_exec($curl), true);
curl_close($curl);
$_SESSION['access_token'] = [
'token' => $response['access_token'],
'expires_at' => time() + (int) $response['expires_in'],
];
}
url
The url where we need to send our POST request is https://connect.identity.stagaws.visma.com/connect/token.
grant_type
In our example we use the grant_type client_credentials.
We need to use this exact grant type because we have setup a service application in the Visma Developer Portal. Service applications are strictly used to call APIs and use the client_credentials OAuth2 grant type to obtain Access Tokens from the Authorization Server by providing it's credentials and the set of scopes (permissions) it requests.
scope
This identifies the API access that your application is requesting.
In our example we use the scope brincr:country brincr:category, meaning that our application will only have access to the
country and category endpoints in Brincr.
tenant_id
You can find a list of all tenant_ids from tenants that have granted your application access to their data in Brincr. This list can be found in 'My Applications > Integration > Customers' in the Visma Developer Portal.
client_id
You can find your client_id in the details page of your application in the Visma Developer Portal.
client_secret
During the setup we created a secret for our application. This is the secret that you need to use.