API quickguide

Erik Söderlund - 19 May, 2022
First of all, we would like to thank you for your time and interest in Björn Lundén AB’s API! In this tutorial we hope to guide you through the steps needed to complete your first successful calls to them.

Step 1 – onboard your integration
Visit https://developer.bjornlunden.se/get-started/ and complete the necessary steps to acquire the API credentials. We use OAuth 2.0 Client Credentials Flow to identify your integration in our system, and GUID’s for identifying specific companies/databases. Worth noting is that once you get the credentials and complete the onboarding process through the link we send you during that process, you also will have access to a sandbox company representing your first connected customer or client. This sandbox company will be loaded with fake data for you to hit the ground running in your implementation work.

Step 2 – Get an access token
Call our identity server to get an access token. Each token is valid for 3600sec/1h and multiple tokens can be used simultaneously (but please use best practises by reusing tokens while valid, not to overburden our servers).

curl
--location --request POST 'https://apigateway.blinfo.se/auth/oauth/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-raw'grant_type=client_credentials&scope=&client_id={your_client_id}&client_secret={your_client_secret}'

The above call will give you an answer like such:
Step 3 – Get list of connected companies/clients
This call will give you the list of id’s to connected companies. Once you go live with your finished integration, this list will grow as more companies connect themselves through our Marketplace, but if this is the first time you call this endpoint, the list most likely will consist of only the one Sandbox company that we created and connected to you as part of the onboarding in Step 1. These GUID’s are global and static in our systems, and potentially suitable to persist in your system as an identifier for the same company on your end as well.

alt.1
curl
--location --request GET ‘{baseUrl}/meta/allKeys’ \
--header ‘Content-Type: application/json’ \
--header ‘Authorization: Bearer
The answer will be an JSON array of GUID’s each representing a connected company that you are allowed to access through the API.

alt.2
curl
--location --request GET ‘{baseUrl}/common/client’ \
--header ‘Content-Type: application/json’ \
--header ‘Authorization: Bearer
The answer will be a JSON body containing the name, GUID(s), email address and scopes for each connected company that you are allowed to access through the API.

For the Sandbox, you will have extensive rights to enable you to develop your integration to your liking. But when you are ready to go live, we will validate and agree on which endpoints and scopes you will use in production. The ever-growing list of possible calls can be found as Swagger here https://developer.bjornlunden.se/api-documentation

Step 4 – make a call to your Sandbox company
The only additional thing needed from step 3, to make a call regarding a specific company, is the HEADER “User-Key” with the GUID value found in step 3.

curl
--location --request GET '{baseUrl}/details' \
--header 'Content-Type: application/json' \
--header 'User-Key: ' \
--header 'Authorization: Bearer '

That will give you an extensive JSON object with the details of the company identified by “User-Key”. (More information about the response for this call can be found here: https://developer.bjornlunden.se/api-documentation/ under “details” – where you also can find complete Swagger specs)

Finally
We hope you found this quick guide helpful, and that you will find our API intuitive and productive.
Also please don’t hesitate to reach out to us through Slack https://developer.bjornlunden.se/slack/ if you run into trouble or if you have suggestions or feature requests in the API! We are also available through api@bjornlunden.se if that is more convenient for you. Best of luck!

/The Dev Team @Björn Lundén AB