Get Authorization-Code


client_id (required) - The client_id is the public identifier for the app.

response_type (required) - The response_type should be set to code, indicating that the application expects to receive an authorization code if successful.

state (required) - The state parameter is used by the application to store request-specific data and/or prevent CSRF attacks. The authorization server will return the unmodified state value back to the application.

scope (required) - The request should have one or more scope values indicating access requested by the application. The authorization server will display the requested scopes to the user. The scope parameter is a list of URL-encoded space-delimited, case-sensitive strings. A full list of scopes can be found here . Example: scope=article%20companyinformation

redirect_uri (optional) - URL-encoded URI that must match the Redirect URI for the app set in the Developer Portal. If omitted, it will default to the registered Redirect URI.

access_type (optional) - Indicates whether your app can refresh access tokens when the user is not present at the browser. Should be set to offline.

account_type (optional) - Indicates whether a service account should be created. Service account must also be enabled for the app in the Developer Portal. A service account is not connected to any specific user and has a specific set of permissions suitable for integrations within the requested scopes. There can only be one service account per client_id and customer. Only system administrators of the customer can authorize service accounts during the authorization process. The only valid value is “service”, if a service account should be created.

Users will be redirected to a login screen where authentication is performed using regular Fortnox user credentials. Upon successful authentication, the server responds with a redirect containing the Authorization-Code.

Read more about OAuth

Response redirect{Authorization-Code}&state=somestate123

See our comprehensive documentation regarding the Fortnox API.

Subscribe to our blog

By contacting Fortnox, your personal information will be processed in accordance with Fortnox's Privacy Notice

Join us

Approximately half a million customers are waiting for your integration at our Integrations page.