Quick start
Use the Login API to confirm your identity through the log-in process.
Before you beginโ
The provided example values in this guide must be changed with the values for your sales unit and user. This applies for API keys, HTTP headers, reference, phone number, etc.
Log in with browserโ
Step 1 - Setupโ
You must have already signed up as an organization with Vipps MobilePay and have your test credentials from the merchant portal.
You will need the following values, as described in the Getting started guide:
client_id- Client_id for a test sales unit.client_secret- Client_secret for a test sales unit.Ocp-Apim-Subscription-Key- Subscription key for a test sales unit.merchantSerialNumber- The unique ID for a test sales unit.mobileNumber- The phone number for the test app profile you have received or registered.redirect_uri- The website to send the user to after they log in. This must be exactly the same redirect uri as the one you specified on your sales unit in the merchant portal.
- curl
- Postman
Please note: To prevent your sensitive data and credentials from being synced to the Postman cloud, store them in the Current Value fields of your Postman environment.
In Postman, import the following files:
๐ฅ To reduce risk of exposure, never store production keys in Postman or any similar tools. ๐ฅ
Update the Current Value field in your Postman environment with your Merchant Test keys. Use Current Value field for added security, as these values are not synced to the cloud.
No additional setup needed :)
Step 2 - Get OIDC well-known endpointโ
Get configuration information for OpenID Connect clients by using OpenID configuration endpoint.
- curl
- Postman
Send Get OIDC well-known
curl https://apitest.vipps.no/access-management-1.0/access/.well-known/openid-configuration \
-H "Merchant-Serial-Number: YOUR-MSN" \
-H "Vipps-System-Name: acme" \
-H "Vipps-System-Version: 3.1.2" \
-H "Vipps-System-Plugin-Name: acme-webshop" \
-H "Vipps-System-Plugin-Version: 4.5.6" \
-X GET
The URL of the OpenID Provider's OAuth 2.0 Authorization Endpoint is provided in the response.
Step 3 - Log inโ
Log the user in by using OpenID Connect.
- curl
- Postman
In your active Postman environment, copy the value of key start_login_uri and paste it into the address field of any browser.
Compose the URI in this format (OAuth 2.0 Authorize):
https://apitest.vipps.no/access-management-1.0/access/oauth2/auth?client_id=YOUR-CLIENT-ID&response_type=code&scope=openid%20name%20phoneNumber%20address%20birthDate&state=8652682f-ba1d-4719-b1ec-8694ba97bde7&redirect_uri=http://localhost
Paste the URL into the address field of any browser.
Finish the login. If you have not yet consented to sharing your user information, a new screen will be presented in the app requesting your consent.
If you have already completed this process and selected Remember me in browser earlier, this will take you straight to the redirect URL.
Step 4 - Get tokenโ
On the redirect URL page, copy the code value out from the address field in the URL.
- curl
- Postman
Paste the code into the key code in the active Postman environment and then get the token.
Send request Get token
Use the code in the following command.
You will also need to generate client authorization.
The client credentials is a base64-encoded string consisting of the client_id and secret issued by Vipps.
Example in JavaScript:
var client_id = 123456-test-4a3d-a47c-412136fd0871
var client_secret = testdzlJbUZaM1lqODlnUUtrUHI=
var wordArrayAzp = CryptoJS.enc.Utf8.parse(client_id + ":" + client_secret);
var client_authorization = CryptoJS.enc.Base64.stringify(wordArrayAzp);
curl https://apitest.vipps.no/access-management-1.0/access/oauth2/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Authorization: Basic {client credentials}' \
-H "Merchant-Serial-Number: YOUR-MSN" \
-H "Vipps-System-Name: acme" \
-H "Vipps-System-Version: 3.1.2" \
-H "Vipps-System-Plugin-Name: acme-webshop" \
-H "Vipps-System-Plugin-Version: 4.5.6" \
-X POST \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=THE CODE FROM THE URL' \
--data-urlencode 'redirect_uri=http://localhost'
Copy the access token from the response.
Step 5 - (Optional) Get userinfoโ
Send request Get Userinfo. This uses GET:/vipps-userinfo-api/userinfo/.
Use the access token from the previous step.
- curl
- Postman
Send request Get userinfo
curl https://apitest.vipps.no/vipps-userinfo-api/userinfo/ \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni <truncated>" \
-H "Ocp-Apim-Subscription-Key: 0f14ebcab0ec4b29ae0cb90d91b4a84a" \
-H "Merchant-Serial-Number: YOUR-MSN" \
-H "Vipps-System-Name: acme" \
-H "Vipps-System-Version: 3.1.2" \
-H "Vipps-System-Plugin-Name: acme-webshop" \
-H "Vipps-System-Plugin-Version: 4.5.6" \
-X GET
Next stepsโ
See the Login API guide to read about the concepts and details.
For more examples, see the step-by-step instructions in the Login API Postman guide.