Search
My Products
Help
eriksjolander
CONTRIBUTOR *

Problem getting access token

‎14-03-2024 14:35
by eriksjolander

We have just launched our integration with Visma.net but are having problems onboarding our first users.
We redirect them to:
https://connect.visma.com/connect/authorize?client_id=isv_boardeaser&redirect_uri=https%3A%2F%2Fapp....
(With some real state, I removed it in this example)
They are prompted to login and select their organization, then they are redirect back to our app with a code and the state.
We make a POST request to
https://connect.visma.com/connect/token
username: isv_boardeaser
In the body we include:
code - that we receive from you in the callback url
grant_type=authorization_code
redirect_uri=https://app.boardeaser.com/integrations/visma_net
The response is 400 with body {"error":"invalid_request"}.
Do you have any idea what might be going wrong with this client?
We have been successful with connecting it to our own ISV-account.

0 Kudos
5 REPLIES 5
Marten Voort
VISMA
VISMA

‎20-03-2024 13:54
by Marten Voort

Can you check if the users have api-user rights? This can be configured in Visma.net admin. See also https://community.visma.com/t5/Forum-in-Developers-Visma-net/VISMA-net-shows-error-page-during-OAuth...

0 Kudos
eriksjolander
CONTRIBUTOR *

In response to Marten Voort
‎20-03-2024 16:07
by eriksjolander

We have now validated that the customer has API-user rights. We tried removing the rights from one of our test users and get a access denied message in the authentication process when that is the case.  The customer can go through the whole authentication process and pick the correct company but still gets a 400 response with {"error":"invalid_request"} in the token request.

0 Kudos
Marten Voort
VISMA
VISMA

In response to eriksjolander
‎20-03-2024 17:26
by Marten Voort

The only way I can reproduce this error if I leave the body completely empty. I suspect there is something wrong with the url encoding or form structure of the body. If this does not help you, I suggest you take this up with local support, because we need to do an in-depth check on what is the cause of this error. You can find local support on this page: https://community.visma.com/t5/Forum-in-Developers-Visma-net/Update-on-Visma-net-ERP-API-Support-cha...

0 Kudos
Marten Voort
VISMA
VISMA

‎19-03-2024 12:07
by Marten Voort

Hi Erik, I see you have a username in the request, this should not be needed. Furthermore, some fields seem to be missing in the body of your token request. It should be like this Curl example request:

 

curl --request POST --url https://connect.visma.com/connect/token --header 'content-type: application/x-www-form-urlencoded' --data 'grant_type=authorization_code&redirect_uri=https%3A%2F%2Fdemoapp.example.com/oauthcallback%2Fcallback&code=94c99b73c13c1e39f7b0a7d259628338&client_id=demoapp&client_secret=SECRET'

 

Let me know if this helps you.

0 Kudos
eriksjolander
CONTRIBUTOR *

In response to Marten Voort
‎20-03-2024 13:47
by eriksjolander

After making the changes you suggested, we still get the same error when trying to get a token for the customer. It still works perfectly fine when we try with our own test users.

0 Kudos
Choose your region:
Choose your Region
Go