NOTE: Before you start to migrate, the integration needs to be set to use OAuth 2.0 flow.
POST https://apps.fortnox.se/oauth-v1/migrateHeaders example
ClientId: 8VurtMGDTeAI
ClientSecret: yFKwme8LEQ
Credentials: OFZ1cnRNR0RUZUFJOnlGS3dtZThMRVE=
Credentials is the Base64 encoding of ClientId and Client-Secret, separated with a colon.
Content-type: application/x-www-form-urlencoded
Authorization: Basic {Credentials}Body example
The body shall be sent by using the "application/x-www-form-urlencoded" format, with a character encoding of UTF-8.
access_token (required) - The legacy token you want to migrate to JWT
access_token={legacy-token}{
"access_token": "xyz...",
"refresh_token": "a7302e6b-b1cb-4508-b884-cf9abd9a51de",
"scope": "companyinformation",
"expires_in": 3600,
"token_type": "bearer"
}Status: 404
Message: Access-token not found
Status: 401
Message: Invalid authorization
Status: 400
Message: Could not create JWT
Status: 403
Message: Not allowed to create JWT for given access-token / Not allowed to create JWT, due to missing license
Can I migrate the same token multiple times?
No, once you exchange your token for a JWT, the old legacy token expires.
Can I migrate from one client ID to another?
No, the migration must use the same client ID.
If we don't support JWT, can I still use the integration after April 30, 2025?
No, if you do not support JWT by April 30, 2025, you will no longer be able to access the Fortnox API.
I don't have access to a developer portal.
Please contact our support team, and they will assist you.
Will my customers be affected?
No, your customers using legacy tokens will not need to re-authenticate.
If I change to oauth2 in the developer portal, will my old legacy tokens stop working immediately?
No, you will still be able to use your legacy tokens up until April 30th.
See our comprehensive documentation regarding the Fortnox API.
Approximately half a million customers are waiting for your integration at our Integrations page.