Create Your Application

  • Updated on Jun 19, 2024
  • Published on Mar 14, 2024
  • 1 minute(s) read

  1. All your teams applications are displayed under the My Applications page. You can create, update and delete your applications from this page. There's also a shortcut in the Start Page that can be used to trigger registration of a new application.

  2. Click the “Add Application” button and select your desired Application type.

    DevPortal_appTypeSelector

Application Type

OAuth Grant Types

Description

Web

  • authorization_code, with or without Proof of Key for Code Exchange (PKCE) extension.

  • client_credentials, typical machine-to-machine use case

  • refresh_token, for offline access support.

Application which runs on a web server. These applications are considered confidential since they can maintain the confidentiality of it's secret(s) and tokens.

Native

  • authorization_code, with Proof of Key for Code Exchange (PKCE) extension.

  • refresh_token, for offline access support.

  • client_credentials, typical machine-to-machine use case

Native applications are installed by users on their devices (mobile or desktop). These applications are considered public and no secrets are issued to them.

Single-Page-App

  • authorization_code, with Proof of Key for Code Exchange (PKCE) extension.

  • refresh_token, for offline access support.

  • client_credentials, typical machine-to-machine use case.

Single-page apps (or browser-based apps) run entirely in the browser after loading the Javascript and HTML source code from a web page. These applications are considered public and no secrets are issued to them.

Service

  • client_credentials, typical machine-to-machine use case

Application which runs on a server or on customer's premise. These applications are considered confidential.

These applications are usually used in a "backend" machine-to-machine integration.

Marketing

n/a

These applications are not OAuth applications and does not sign in the user.

  1. Fill the details of your application. The Name and Client ID are unique in the portal.

    DevPortal_appDetails

Once the application is saved, you can Create it. This is the moment when the application is created in Visma Connect Authorization Server and can be used in OAuth 2.0/OpenID Connect flows.

When you are making configuration changes, please allow a minute or two for the change to take effect on the Authorization Server as there is a cache involved.

Identity Scopes

When OpenID Connect is enabled, your application can be configured with additional Identity Scopes that grants access to additional details regarding authenticated users. The following table shows available scopes and the claims about authenticated user:

Scope

Claim

Description

openid

sub

Subject, contains unique userID in Visma Connect user directory.

email

email

E-mail address of user.

email_verified

True/False. User has verified access to e-mail address.

profile

name

Full name of user.

given_name

First name of user.

family_name

Surname of user.

locale

User's preferred language, in format en-US.

picture

URI to profile picture of user.

address

address

Returns attribute "country" (ISO2 code) in JSON format. 

{"country":"DK"}

phone

phone_number

User's mobile phone number.

phone_number_verified

True/False. User has verified access to phone number.