My Products

Problem getting the access token

by ViktorGastro


We have developed an integration between our web shop and Visma 2000. We have now moved to Visma.Net and are developing an integration to the REST API.

The problem we have is to get an appropriate access token.

We have created an Service (machine-machine) application and generated the client_secret.

The error 'invalid_scope' is however alwaysreturned when  we try to get a new access token using Postman. 




From the document I found that the scope should always be 'financialstasks'.


Is this a correct assumption?

Any help would be greatly appriciated!



by ViktorGastro

Hi Magnus,

Thanks for your reply!

I am aiming for the but I guess the next.gen service would work aswell since this is to add new sales orders.

I have looked through your documentation and can still not get this to work so I am missing something.

* If I need an accesToken for machine to machine (no user interaction) do I need anything else but clientId and clientSecret (and scope)?

* What should in this case scope be for

* Is the correct URI for the authentication server (to get the accessToken)?

* Do I need to put the application on market place even though this is only intended for our internal use and if so, Why?





Accepted solution
Magnus Johnsen


For the normal API there is no "machine to machine" authorization flow, there is only the code grant flow, to get the code you need a user to logon.

For the neXtgen, you do not need to set the application to public, you can use "invite only".


Please let us know what you want to do and what you are having issues with.

How to connect is described in both those documents for their respective endpoints.

We're guessing that the neXtgen is what you have been looking at the most, in that case, please only read the documentation for neXtgen for now to not confuse the two different authentication methods.

by Magnus Johnsen


Is this for the "normal" API or the salesOrder next gen service?

For the normal api, the scope is "financialstasks" but the only available with the code grant flow, please have a look at this:

Generating Token with OAuth 2.0 Authorization Flow


For the neXtGen salesorder the scope should be defined in the developer portal, please have a look at this:

Getting started with the first neXtGen service: ERP Sales Order API