Getting started


Visma Connect

Alright - we explained all about Visma Connect and OAuth 2.0 in the introduction, now let's get into it.

In this section we'll get an application that we can use for our one to many integration. So we only have to go through this once, and then we can connect to all of our users through our application.

IMPORTANT ❗ I will warn you right now, this is the longest and most important section of our documentation. It will help you get your application setup in a beneficial way and getting smoothly through the application process.

You are welcome, of course, to go at it yourself, but be warned. There are a few pitfalls and it will probably end up taking a lot longer.

When your done setting up Visma Connect, we highly recommend getting a test company in Dinero and following along with our tutorial, or at the very least, reading through it.

Once you're all setup, we recommend taking some time to go over the Visma Connect Documentation.

Check it out!

Want to see exactly how all of this will work in your own application? Our very quick demo right below, a 30 second video, will go over all the essentials of how it'll look and function in practice.

Creating an account

First of all, you need to create an account for the Visma Developer portal.

You can sign up here.

Make sure during the setup, to set your teams country to Denmark, otherwise you might not be able to apply for Dinero scopes later on.

my team set to denmark

Once you've signed up, you should see something that looks like this:

menu and smiley on visma connect landing page

Now we're ready to get started - go to My Applications in the top menubar and in the top right, you can click Add Application.

screenshot showing the add application and more button

IMPORTANT ❗ It's on purpose the "More" menu is folded out here. The Debugger can help so much, when the first attempt to authorize inevitably fails. If it does, you'll get an error code, that you can paste into the Debugger, and get feedback on why the attempt failed. It might take a few seconds, so have a little patience. πŸ‘

If you ever need to change anything in your application, this is also where you'll need to go.

Creating our Application

First of, and this is also very important, and another reason to read through this tutorial, you must choose web application, as it is currently our only supported type.

screenshot showing the three application options, with web selected

Setting up our Application

Alright, in this next step we'll have a lot of things going on, lets break it into smaller pieces.

screenshot showing the application name filled out

First off, we need to give our application a name, now this is fairly important as well. We need to be able to identify your application based on your name and Client ID.

IMPORTANT❗ We'll only approve applications whose name and client id can uniquely identify the company behind the integration. For instance "test-application" would certainly be rejected, while "Vibrant" would be approved. We do this, so we can easily identify the company behind any request to our API.

Grant and offline access

Now next up, we'll need to setup our grants and offline configuration if we want that.

screenshot showing the application grants filled out

Here we have a few things going on, and some things to explain. Offline access just means, that our user doesn't need to go through the approval steps, every time we'll make a request. This will in most instances be a nice feature, for most integrations, so we'll grab offline access. πŸ‘

Next we'll need to set this up, and we'll recommend the following settings, as shown in the screenshot above.

  1. Get a one-time refresh token
  2. Give it an unlimited expiration
  3. But will expire in the maximum of 30 days if not used

If our integration doesn't use the refresh token within 30 days, then our user would need to authorize our application again. If we build something, that makes sure that we'll use our refresh token and grab a new one within 30 days, then we'll never have to bother our users again. Great right?

You can also let your refresh token expire after 3 months regardless, but after that, the user will need to re-authorize. This is certainly a matter of preference, but we recommend the shown setup.

Setup redirect URI

Alright, we're almost done here!

First of, make sure to turn off OpenID Connect by default - unless you really want to work with it. Our tutorial and postman collection doesn't support it.

screenshot showing our redirect URI setup for postman

For the last obligatory part, we need to set a redirect URI. For our purpose, and if you wish to follow the next steps of our tutorial, we'll set this up for Postman.

Now if you use the browser version of Postman, like I'll do here, you need to use the URI:

πŸ‘‰ https://oauth.pstmn.io/v1/browser-callback

Or if you use the Desktop version of Postman, it'll be:

πŸ‘‰ https://oauth.pstmn.io/v1/callback

Finally!

Click save in the bottom and lets move on!

Credentials

Now this part might be self-explanatory, but we need some credentials. Obviously we already have our Client ID which will be isv_ourname. Again I'd like to remind you to pick a client name that can easily identify your company.

screenshot showing the credentials page with a secret

But on top of our Client ID, we need a Client Secret. So lets head to the Credentials tab, and generate a secret. Once done, you can copy your secret and save it somewhere safe.

What is great about Visma Connect, is we can go back here if we ever lose our secret and easily create a new one!

Scopes

YES! We've done it. Lets go to Integrations and click New Integration

screenshot showing the integration page with the new integration button

Choose to integrate to Dinero. Now the final thing is scopes.

If you do not see Dineros scopes at this point, go to My Team, and make sure your country is set to Denmark.

You can apply for Write and Read (NOT Internal). If you apply for our Internal API, it will be rejected. ❌

So apply for the following scopes:

βœ… Scope: Read

βœ… Scope: Write

❌ Scope: Internal

Obviously you don't need to apply for both read and write, if you only need one or the other for your integration.

And with that you're done.

Once you actually start asking for authorization, make sure to use the scopes:

dineropublicapi:read dineropublicapi:write offline_access

Wait for approval and be on your way

Now we'll approve or reject your application. This will usually take up to a work day. To speed up the process you can go through the following:

  • Choose a suitable application and client ID name that can easily identify your company
  • Only apply for read and write scopes

And well - that's it. You'll get an email with either the approval or rejection.

The next step we highly recommend is following along with our Tutorial, or at the very least reading through it.

You can also take some time at this point to read through the Visma Connect Documentation. If you've been following along, then you've probably noticed that it's right there in the top, once we're logged into Visma Connect. πŸ‘


Could we improve these docs or do you have any questions? Please write us at api@dinero.dk