QR API (1.0)
Download OpenAPI specification:Download
The QR API enables you to generate Vipps and MobilePay QR codes and merchant redirects for a Vipps MobilePay payment. See the QR API Guide for more details.
Create merchant redirect QR
Generate a QR that works as a redirect back to the merchant
Authorizations:
header Parameters
Accept required | string Enum: "image/*" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/*,image/png, image/svg+xml, text/targetUrl} |
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Size | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR |
Request Body schema: application/json
id required | string or null [ 1 .. 128 ] characters ^[-_+%æøåÆØÅ\w\s]*$ Merchant supplied Id for QR |
redirectUrl required | string or null <uri> ^https:\/\/[\w\.]+([\w#!:.?+=&%@\-\/]+)?$ The target url of the QR (redirect destination) |
ttl | integer or null [ 300 .. 2147483647 ] Optional time-to-live field, given in seconds |
Responses
Request samples
- Payload
{- "id": "billboard_1",
- "ttl": 600
}
Response samples
- 200
- 400
- 409
- 415
{- "id": "billboard_1",
- "expiresIn": 598
}
Get all merchant redirect QRs
Get all merchant redirect QRs for this saleunit
Authorizations:
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Accept required | string Enum: "image/*" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/*,image/png, image/svg+xml, text/targetUrl} |
Size | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR |
Responses
Response samples
- 200
[- {
- "id": "billboard_1",
- "expiresIn": 598
}
]
Update redirectUrl for merchant redirect QR
Update the redirect url (target destination) of the QR
Authorizations:
path Parameters
id required | string The unique ID for QR |
header Parameters
Accept required | string Enum: "image/*" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/*,image/png, image/svg+xml, text/targetUrl} |
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Size | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR |
Request Body schema: application/json
redirectUrl required | string <uri> ^https:\/\/[\w\.]+([\w#!:.?+=&%@\-\/]+)?$ |
Responses
Request samples
- Payload
{
}
Response samples
- 200
- 400
- 404
- 415
{- "id": "billboard_1",
- "expiresIn": 598
}
Delete merchant redirect QR
Delete merchant redirect QR
Authorizations:
path Parameters
id required | string The unique ID for QR |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Size | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR |
Responses
Response samples
- 404
{- "type": "string",
- "title": "string",
- "detail": "string",
- "instance": "string",
- "invalidParams": [
- {
- "name": "string",
- "reason": "string"
}
]
}
Get merchant redirect QR by ID
Get merchant redirect QR by ID
Authorizations:
path Parameters
id required | string The unique ID for QR |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Accept required | string Enum: "image/*" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/*,image/png, image/svg+xml, text/targetUrl} |
Size | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR |
Responses
Response samples
- 200
- 404
{- "id": "billboard_1",
- "expiresIn": 598
}
Create One Time Payment QR
Endpoint for generating a Vipps MobilePay QR for a merchant payment. Given a valid vippsLandingPageUrl
, this endpoint will return a QR for that payment.
Authorizations:
header Parameters
Accept required | string Enum: "image/*" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/*,image/png, image/svg+xml, text/targetUrl} |
Size | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR |
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Request Body schema: application/json
url required | string Url to the Vipps landing page, obtained from ecom/recurring apis |
Responses
Request samples
- Payload
{- "url": " https://api.vipps.no/dwo-api-application/v1/deeplink/vippsgateway?v=2&token=eyJraWQiO...."
}
Response samples
- 200
- 400
- 415
{- "expiresIn": 544
}
Get all merchant callback QRs
Returns all QR codes that matches the provided Merchant-Serial-Number.
Authorizations:
query Parameters
QrImageFormat | string Enum: "PNG" "SVG" Requested image format. Supported values: {PNG, SVG}. If not provided, SVG is chosen. |
QrImageSize | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR. Only relevant if PNG is chosen as image format. |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number required | string The merchant serial number (MSN) for the sales unit. See API keys. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Responses
Response samples
- 200
- 400
- 403
[- {
- "merchantSerialNumber": "12345",
- "merchantQrId": "27072f82-c4b6-49cd-9838-10f21d87496e",
- "locationDescription": "Kasse 1",
}
]
Get callback QR by ID
Returns the QR code represented by the merchantQrId and Merchant-Serial-Number provided in the path and header respectively. The image format and size of the QR code is defined by the Accept and Size headers respectively.
Authorizations:
path Parameters
merchantQrId required | string The merchant defined identifier for a QR code. |
query Parameters
QrImageFormat | string Enum: "PNG" "SVG" Requested image format. Supported values: {PNG, SVG}. If not provided, SVG is chosen. |
QrImageSize | integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for the QR. Only relevant if PNG is chosen as image format. |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number required | string The merchant serial number (MSN) for the sales unit. See API keys. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Responses
Response samples
- 200
- 400
- 403
{- "merchantSerialNumber": "12345",
- "merchantQrId": "27072f82-c4b6-49cd-9838-10f21d87496e",
- "locationDescription": "Kasse 1",
}
Create or update callback QR
Note: MobilePay integrators that needs to migrate existing QRs cannot use this endpoint. They must use the dedicated endpoint: PUT /v1/merchant-callback/mobilepay/{beaconId}
Creates or updates the QR code that encapsulates the provided merchantSerialNumber
and merchantQrId
.
See Webhooks API to create a webhook that will send callbacks when this QR code is scanned by a Vipps or MobilePay user.
If the endpoint is called with the same merchantQrId
twice or more, it is the last call that defines the location property.
The actual QR code image will not be updated on consecutive calls.
Authorizations:
path Parameters
merchantQrId required | string The merchant defined identifier for a QR code. |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number required | string The merchant serial number (MSN) for the sales unit. See API keys. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Request Body schema: application/json
locationDescription required | string <= 36 characters A description of where the QR code will be located. It will be shown in the app when a user scans the QR code. Examples could be ‘Kasse 1’ , ‘Kiosk’ or ‘Platform 3’. |
category | string (CategoryEnum) Default: "IN_STORE" Enum: "IN_STORE" "VENDING" Category for the QR. Different categories will show different messages in the apps while the user is waiting for the payment/login to show. |
Responses
Request samples
- Payload
{- "locationDescription": "string",
- "category": "IN_STORE"
}
Response samples
- 400
- 403
{- "type": "string",
- "title": "string",
- "detail": "string",
- "instance": "string",
- "invalidParams": [
- {
- "name": "string",
- "reason": "string"
}
]
}
Delete callback QR
Deletes the QR code that matches the provided merchantQrId and merchantSerialNumber.
Authorizations:
path Parameters
merchantQrId required | string The merchant defined identifier for a QR code. |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number required | string The merchant serial number (MSN) for the sales unit. See API keys. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Responses
Response samples
- 400
- 403
- 404
{- "type": "string",
- "title": "string",
- "detail": "string",
- "instance": "string",
- "invalidParams": [
- {
- "name": "string",
- "reason": "string"
}
]
}
Create or update MobilePay QR code
This endpoint is for creating existing MobilePay PoS QR codes. It is meant for merchants that have printed QR codes that they need to assign to a store.
This endpoint will not create a new QR code but rather map the provided beaconId
with the Merchant-Serial-Number,
to make sure the already printed QR code can be re-used.
When the QR code is scanned by MobilePay users, it will result in a callback being sent to the merchant
if the merchant has registered a webhook
for the user.checked-in.v1
event.
The callback will include a MerchantQrId
which in this scenario will equal the beaconId.
Authorizations:
path Parameters
beaconId required | string The MobilePay PoS BeaconId |
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number required | string The merchant serial number (MSN) for the sales unit. See API keys. |
Vipps-System-Name | string <= 30 characters Example: WooCommerce The name of the ecommerce solution. One word in lowercase letters is good. See http-headers. |
Vipps-System-Version | string <= 30 characters Example: 5.4.0 The version number of the ecommerce solution. See http-headers. |
Vipps-System-Plugin-Name | string <= 30 characters Example: woocommerce-payment The name of the ecommerce plugin (if applicable). One word in lowercase letters is good. See http-headers. |
Vipps-System-Plugin-Version | string <= 30 characters Example: 1.2.1 The version number of the ecommerce plugin (if applicable). See http-headers. |
Request Body schema: application/json
locationDescription required | string <= 36 characters A description of where the QR code will be located. This corresponds to the PoS name field from the old MobilePay V10 API. It will be shown in the app when a user scans the QR code. Examples could be ‘Kasse 1’ , ‘Kiosk’ or ‘Platform 3’. |
category | string (CategoryEnum) Default: "IN_STORE" Enum: "IN_STORE" "VENDING" Category for the QR. Different categories will show different messages in the apps while the user is waiting for the payment/login to show. |
Responses
Request samples
- Payload
{- "locationDescription": "cashier_1",
- "category": "IN_STORE"
}
Response samples
- 400
- 403
- 409
{- "type": "string",
- "title": "string",
- "detail": "string",
- "instance": "string",
- "invalidParams": [
- {
- "name": "string",
- "reason": "string"
}
]
}
Exchange user presented QR code for data
Authorizations:
header Parameters
Authorization required | string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string The subscription key for a sales unit. See API keys. |
Merchant-Serial-Number | string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit. |
Request Body schema: application/jsonrequired
qrCode required | string The complete content of the QR code. |
requestedData | Array of strings (RequestedData) Default: ["MSISDN"] Items Value: "MSISDN" |
Responses
Request samples
- Payload
{
}
Response samples
- 200
- 400
{- "msisdn": "4798765432",
- "timestamp": 1634025600,
- "version": "2.0"
}