Authorization is made by including the header Authorization in the API request.

The value should be “Bearer” and an active Access-Token for the user.

Fortnox API supports both JSON and XML. You will need to use the header fields Content-Type and Accept to specify which type you use.

The value for these header fields should be application/json.

For requests where the content is a file, like in archive or inbox, a special content-type is used, this type is multipart/form-data. The header field “accept” should still be JSON, this specifies in which format you want the return data to be in.

This is an example of how the header should look with all the header fields filled in correctly.

Accept: application/json
Authorization: Bearer {Access-Token}
Content-Type: application/json