Klarna Docs - Integrate with Klarna payments

Integrate with Klarna payments

Sign in with Klarna integrates with Klarna payments, so users are authenticated only once during sign in and checkout.

The Sign in with Klarna access token is passed to Klarna payments in order to skip a second authentication step for the user.

As a prerequsite, make sure Klarna payments is integrated with your checkout. If this isn't the case, perform a Klarna payments integration.

Refresh tokens are valid for 90 days by default. You can also request a different length to match your login sessions.

To use the refresh token for getting new access, refresh, and id tokens, the client needs to perform a token exchange through a POST request to the token endpoint https://login.klarna.com/{region}/lp/idp/oauth2/token.

To get a success response, include the following required parameters in your POST request to https://login.klarna.com/{region}/lp/idp/oauth2/token.

ParameterDescription
refresh_tokenThe new token to be used for future refresh requests.
client_idThe client identifier of your application. It's the same client_id that is used with the SDK to sign in.
grant_typeAs defined in the OAuth 2.0 specification, this field must contain a value of refresh_token.

To refresh the tokens on playground, please use the following URLs.

EU: https://login.playground.klarna.com/eu/lp/idp/oauth2/token
NA: https://login.playground.klarna.com/eu/lp/idp/oauth2/token

Example of a refresh token request

JAVASCRIPT
POST /oauth2/token HTTP/1.1 
Content-Type: application/x-www-form-urlencoded
login.klarna.com/eu/lp/idp/oauth2/token?grant_type=refresh_token&refresh_token=my-old-refresh-token&client_id=my-client-id

Success response

Klarna responds to the request by returning a JSON object that contains the short-lived access_token and long-lived refresh_token and id_token.

JSON
{
"id_token":"jwt-id-token",
"access_token":"jwt-access-token", 
"expires_in":299, 
"token_type":"Bearer", 
"refresh_token":"opaque-refresh-token" 
}

Refresh tokens can only be used once. For that reason, you have to replace the refresh_token you have used to make the refresh request with the new refresh_token returned in response to the request.

Pass the new access_token to Klarna payments create credit session

Now that you have a fresh access_token, include it in the POST create a payment session request to the Klarna payments API. Add the key to the customer object as klarna_access_token key as shown in the example below.

If the klarna_access_token is valid, the user will be recognized by Klarna payments. Otherwise, the user will be asked to re authenticate.

JSON
{
  ...
  "customer": {
    ...
    "klarna_access_token": "access_token"
    ...
  }
  ...
}

Follow the Klarna payments documentation for guidance on integrating Klarna payments. The access_token passed in the create payment session request will allow the user to be recognized in the purchase flow.