kalmstrom.com logotype
Home >Tips >PowerShell >Fortnox authentication and SharePoint connection kalmstrom.com site map icon Site map  

Get Fortnox Data to SharePoint with a Flow

A Power Automate tutorial by Peter Kalmström

Fortnox iconFortnox is a Swedish company that develops computer software for financial administration and sells financing services. The security must be high in such a company, so strong authentication and authorization mechanisms have been implemented to ensure that only legitimate users and systems can access the API.

Peter Kalmström, CEO and Systems Designer of kalmstrom.com Business Solutions, has created a Power Automate flow that facilitates the authentication process and lets you integrate your data into SharePoint.

You need access to the Fortnox Developer portal to create the flow described in the demo below. If you don't have that, a system admin can contact the Fortnox support and request a developer license. You also need a Premium Power Automate license, as the HTTP action Peter uses to interact with the Fortnox API is a Premium connector.

The codes needed for access are saved in an API SharePoint list, where the flow can get them:
  • ClientID
  • ClientSecret
  • Base64Creds
  • AuthorizationCode
  • RefreshToken
  • AccessToken
We will get the ClientID and ClientSecret codes when we create a new integration in Fortnox. The authorization code is also given in the browser, but to get it, we need to insert our own ClientID, site and scopes in an URL given by Fortnox. Then we use that URL to approve of the integration and get the AuthorizationCode.

The Base64Creds code is created from the ClientID and ClientSecret codes in an online Base64 Encoder. These four codes are only needed to get the Refresh and Access tokens in a first step, and they can only be used once.

Flow iconAs long as the flow is run at least once every 45 days, we can instead use the latest RefreshToken to get an AccessToken for each authorization.

Flow actions

  1. SharePoint - Get item, for one item from the API list.
  2. Variable - Initialize variable. Two string variables, for the AccessToken and RefreshToken.
    3. Fortnox-SharePoint flow
  3. Control - Condition. New Refresh and Access tokens are needed at each authorization. The RefreshToken creates the AccessToken, and at each run the flow requests a new RefreshToken and saves it in the SharePoint API list for the next run.

    However, the first time there is no RefreshToken, so the flow must have a condition with two cases: if there is a RefreshToken or not.
  4. HTTP - HTTP, two actions to request an AccessToken and RefreshToken. Under True, the dynamic content for the AuthorizationCode is used in the body. Under False, the existing RefreshToken is used instead.

    One more HTTP action is added after Update item, to get the Customers data from the Fortnox API.
  5. Variable - Set variable. Two string variables under True and two under False, for the AccessToken and RefreshToken. The values are the values of the AccessToken or RefreshToken from the HTTP request body.
  6. SharePoint - Update item for the API list, to save the new RefreshToken value.
  7. Control - Apply to each, to loop through the last HTTP action and get customer names.
  8. SharePoint - Create item, to add customer names to the Customers list.



Learn more
back icon
Products Buy Services Tips Books Contact About Us Tools

Security and integrity
Copyright  Kalmstrom Enterprises AB  All rights reserved