Get Access-Token


Headers example

ClientId: 8VurtMGDTeAI
ClientSecret: yFKwme8LEQ
Credentials: OFZ1cnRNR0RUZUFJOnlGS3dtZThMRVE=

Credentials is the Base64 encoding of ClientId and Client-Secret, separated with a colon.

Read more about OAuth

Content-type: application/x-www-form-urlencoded
Authorization: Basic {Credentials}

Body example

The body shall be sent by using the "application/x-www-form-urlencoded" format, with a character encoding of UTF-8.

grant_type (required) - Value MUST be set to "authorization_code".

code (required) - The authorization code received from the authorization request.

redirect_uri (required) - If the "redirect_uri" parameter was included in the authorization request, and their values MUST be identical.


  "access_token": "xyz...",
  "refresh_token": "a7302e6b-b1cb-4508-b884-cf9abd9a51de",
  "scope": "companyinformation",
  "expires_in": 3600,
  "token_type": "bearer"

See our comprehensive documentation regarding the Fortnox API.

Subscribe to our blog

By contacting Fortnox, your personal information will be processed in accordance with Fortnox's Privacy Notice

Join us

Approximately half a million customers are waiting for your integration at our Integrations page.