Service Applications
  • 30 Sep 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Service Applications

  • Dark
    Light
  • PDF

Article summary

A service application doesn’t involve the end-user in the authorization process. These applications are strictly used to call APIs and use the client_credentials OAuth2 grant type to obtain Access Tokens from the Authorization Server by providing it's credentials and the set of scopes (permissions) it requests.

Token request

Service applications are using the client_credentials OAuth2 grant type to obtain Access Tokens.

Example:

curl --request POST --url https://connect.visma.com/connect/token --header 'content-type: application/x-www-form-urlencoded' --data 'grant_type=client_credentials&scope=visma_api:read&client_id=demoapp&client_secret=SECRET&tenant_id=af1140c1-52e0-46c7-b684-df894d4b8a5a'

Parameters:

Name

Example Value

Required

Description

grant_type

client_credentials

yes

As defined in the OAuth 2.0 specifications, this field must contain value of client_credentials.

scope

visma_api:read

The “visma_api:read” scope-name above is just an example - check your API documentation for scope(s) to use.

yes

Identifies the Visma API access that your application is requesting. Multiple scopes separated by a space.

client_id

demoapp

yes

The Client ID set when application was registered. Identifies which app is making the request.

client_secret

The secret obtained when registering the application

yes

This is your application's Client Secret.

tenant_id

af1140c1-52e0-46c7-b684-df894d4b8a5a

no

Identifies the tenant for which your application wants to access API data. This parameter is required for tenant based APIs Read more

Your application needs to be granted permission by the tenant administrator before using the tenant_id on the token request.

If successful, this call will return a neatly packaged token that you can use to make authenticated calls to the Visma API resources. The response will contain the following fields:

{ 
 "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjVENDc....7MTOBbdd5mgb2CHzxL0RFjs24pqC1pCeUqOjbg",
 "expires_in": 3600,
 "token_type": "Bearer",
 "scope": "visma_api:read" 
}

Refresh Tokens are never issued to service applications since the application can obtain a new token whenever needed without involving the end-user.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.