Download OpenAPI specification:Download
The PSP API allows Payment Service Providers (PSPs) to process Vipps payments as a part of their payment offerings. See the PSP API guide for more details.
Initiate a payment
| Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
| Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique ID for the sales unit to which this payment is made. This is the identity of the merchant's sales unit. |
| Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a This is your PSP subscription key, used to create and manage payments for all your merchants. Keep it secret. |
| Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP ID is provided by Vipps. This is the PSP's ID, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
| Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
| Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
pspInitiatePaymentRequest
| pspTransactionId required | string <= 36 characters [a-z0-9] Used as a globally unique per PSP transaction reference for the PSP systems |
| merchantOrderId required | string <= 50 characters ^[a-zA-Z0-9-]{1,50}$ Id which uniquely identifies a payment. Maximum length is 50 alphanumeric characters: a-z, A-Z, 0-9 and '-'. See: https://developer.vippsmobilepay.com/docs/knowledge-base/orderid/ (merchantOrderId is similar to orderId). |
| customerMobileNumber | string <= 8 characters ^\d{8} Mobile number (eight digits) of the user who has to pay for the transaction from Vipps. |
| amount required | integer <int32> Amounts are specified in minor units. For Norwegian kroner (NOK) that means 1 kr = 100 øre. Example: 499 kr = 49900 øre. |
| currency required | string Default: "NOK" ISO 4217 defined currency code. Vipps currently only supports NOK. |
| pspRedirectUrl required | string Vipps will use this URL to redirect end user after payment confirmation. Important: Do not rely on the user always reaching this URL, as some users may close Vipps immediately after seeing the payment confirmation, therefore not being "redirected" back to the merchant. |
| makePaymentUrl required | string PSP URL used by Vipps to send the network token. See: https://developer.vippsmobilepay.com/docs/APIs/psp-api/vipps-psp-api/#makepaymenturl |
| makePaymentToken | string <= 255 characters PSP-specified |
| paymentText | string <= 100 characters Text to be displayed to end user. The text should be as user-friendly and informative as possible. See: https://developer.vippsmobilepay.com/docs/knowledge-base/transactiontext/ (transactionText is similar to paymentText). |
| isApp | boolean Default: false Optional parameter. Indicates whether payment request is triggered from a mobile app or a web browser. See: https://developer.vippsmobilepay.com/docs/knowledge-base/app-flow/ |
| skipLandingPage | boolean Default: false Optional parameter.
Skips the landing page for whitelisted sales units.
Requires a valid |
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
- "customerMobileNumber": "92929292",
- "amount": 49900,
- "currency": "NOK",
- "makePaymentToken": "lfkhwef3op48yufpcno3fh34qp8fyncpf83hy4",
- "paymentText": "One pair of Vipps socks",
- "isApp": false,
- "skipLandingPage": false
}{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
}Since Vipps doesn't process the PSP transactions, updates on payment status are required in order to deliver expected customer experience. That means that PSP has to inform Vipps about any PSP payment status change through this endpoint.
Valid requests get a HTTP 200 OK response, but the actual update is done in a batch job during the night. See the API guide for more details:
https://developer.vipps.com/docs/APIs/psp-api/vipps-psp-api#batch-processing-of-status-updates
| Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
| Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique ID for the sales unit to which this payment is made. This is the identity of the merchant's sales unit. |
| Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a This is your PSP subscription key, used to create and manage payments for all your merchants. Keep it secret. |
| Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP ID is provided by Vipps. This is the PSP's ID, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
| Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
| Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
pspPaymentStatus
Array of objects (TransactionInfo) | |||||||||||||
Array
| |||||||||||||
{- "transactions": [
- {
- "pspTransactionId": "7686f7788898767977",
- "status": "CAPTURED",
- "amount": 49900,
- "currency": "NOK",
- "paymentText": "One pair of Vipps socks",
- "operationStatus": "SUCCESS"
}
]
}{- "responseInfo": {
- "responseCode": "9000",
- "responseMessage": "SUCCESS"
}
}Get the details of a payment
| pspTransactionId required | string Example: 7686f7788898767977 Used as a globally unique per PSP transaction reference for the PSP systems. |
| Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
| Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique ID for the sales unit to which this payment is made. This is the identity of the merchant's sales unit. |
| Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a This is your PSP subscription key, used to create and manage payments for all your merchants. Keep it secret. |
| Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP ID is provided by Vipps. This is the PSP's ID, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
| Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
| Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
- "transactionSummary": {
- "capturedAmount": 49900,
- "remainingAmountToCapture": 0,
- "refundedAmount": 0,
- "remainingAmountToRefund": 49900
}, - "transactionLogHistory": [
- {
- "amount": 49900,
- "paymentText": "One pair of Vipps socks",
- "timeStamp": "2018-06-13T18:34:25-07:00",
- "operation": "CAPTURED",
- "operationSuccess": false
}
]
}This endpoint allows developers to approve a psp payment through the PSP API without the use of the Vipps app. This is useful for automated testing. The endpoint is only available in our Test environment. Attempted use of the endpoint in production is not allowed, and will fail. Important: All test users must manually approve at least one payment in Vipps (using the app) before this endpoint can be used for that user. See: https://developer.vipps.com/docs/knowledge-base/test-environment/
| pspTransactionId required | string Example: 7686f7788898767977 Used as a globally unique per PSP transaction reference for the PSP systems. |
| Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
| Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a This is your PSP subscription key, used to create and manage payments for all your merchants. Keep it secret. |
| Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique ID for the sales unit to which this payment is made. This is the identity of the merchant's sales unit. |
| Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP ID is provided by Vipps. This is the PSP's ID, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
| Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
| Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/knowledge-base/http-headers/ |
ForceApproveRequest
| customerPhoneNumber required | string^\d{8}$ Target customer phone number. 8 digits. |
| token required | string The token value received in the |
{- "customerPhoneNumber": "12345678",
- "token": "eyJraWQiOiJqd3R"
}Used by Vipps to send the card network token from the Vipps token requestor service to the PSP to complete the initialized transaction. The PSP will use the token to process the payment and then send the outcome (RESERVE, CAPTURE or REJECT) to Vipps using the POST:/updatestatus endpoint. Communication security is established by using 1-way SSL and makePaymentToken. The response must use Content-Type application/json.
| Authorization required | string Token provided by the PSP as 'makePaymentToken' in the
|
makePaymentRequest
| pspTransactionId required | string Used as a globally unique per PSP transaction reference for the PSP systems |
| merchantSerialNumber required | string = 6 characters ^\d{6}$ The identity for the merchant's sales unit (MSN). |
| paymentState required | string Enum: "ACCEPTED" "TIMEOUT" "USER_CANCEL" Credit Card Details Encryption Status |
| userToken | string JWT-TOKEN |
| binNumber required | string BIN number for the card |
required | Array of objects (Operation3DSecure) |
| paymentInstrument required | string (PaymentInstrument) Default: "TOKEN" Value: "TOKEN" |
required | object (NetworkToken) |
{- "pspTransactionId": "7686f7788898767977",
- "merchantSerialNumber": "123456",
- "paymentState": "ACCEPTED",
- "userToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated)",
- "binNumber": "492556",
- "operations": [
- {
- "operation": "3dssuccess"
}
], - "paymentInstrument": "TOKEN",
- "networkToken": {
- "number": "5000000000000000001",
- "cryptogram": "aFgdgjdkfgjdFDF=",
- "expiryMonth": "03",
- "expiryYear": "2030",
- "tokenType": "VISA",
- "eci": "7"
}
}{- "errorMessage": {
- "errorId": "82",
- "errorText": "Refused by Issuer"
}, - "paymentInfo": {
- "pspTransactionId": "7686f7788898767977",
- "status": "OK",
}
}