Quick start

This guide takes you through all the QR API requests.

Before you begin

Sign up as an organization with Vipps MobilePay and get your API keys:

• client_id - Client_id for a test sales unit.
• client_secret - Client_secret for a test sales unit.
• Ocp-Apim-Subscription-Key - Subscription key for a test sales unit.
• merchantSerialNumber - The unique ID for a test sales unit.

If you're new to the platform, see Getting started for information about API keys, product activation, and the test environment.

The provided example values in this guide must be changed with the values for your sales unit and user. This applies for API keys, HTTP headers, reference, phone number, etc.

Your first QR code

Step 1 - Setup

If using Postman, download the following files and import them into Postman. Select the global environment as your active environment and update the Current Value field with your own values for the API keys and mobile numbers (both with and without country code). 🔥 Do not store production keys in the cloud. 🔥

• Download QR API Postman collection
• Download Global Postman environment

Step 2 - Get an access token

Get an access_token from the Access token API: POST:/accesstoken/get.

curl

Send request "Get Access Token"

Postman

curl -X POST 'https://apitest.vipps.no/accesstoken/get' \
-H "Content-Type: application/json" \
-H 'client_id: YOUR-CLIENT-ID' \
-H 'client_secret: YOUR-CLIENT-SECRET' \
-H 'Ocp-Apim-Subscription-Key: YOUR-SUBSCRIPTION-KEY' \
-H 'Merchant-Serial-Number: YOUR-MSN' \
--data ''

For production, include all the Vipps-System headers so that we can help with debugging any problems. For details, see HTTP headers.

The property access_token should be used as the Bearer token in the Authorization header of all the following API requests.

Merchant Redirect QR

A merchant redirect QR contains a link to your webshop. When the user scans this with their phone, your website will open.

Vipps

MobilePay

Generate a merchant redirect QR with: POST:/qr/v1/merchant-redirect.

curl

Send request "Merchant Redirect QR > Generate QR"

The qr-id variable is now set in the environment for use with subsequent calls.

Ctrl+click the link to see the QR code. Scanning the QR should open the specified URL on your phone.

The result from this request provides a URL with its own JWT token, which will expire. Get a new token by calling Get QR by id.

Postman

curl -X POST https://apitest.vipps.no/qr/v1/merchant-redirect \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR-ACCESS-TOKEN" \
-H "Ocp-Apim-Subscription-Key: YOUR-SUBSCRIPTION-KEY" \
-H "Merchant-Serial-Number: YOUR-MSN" \
-H 'Idempotency-Key: YOUR-IDEMPOTENCY-KEY' \
-H "Vipps-System-Name: acme" \
-H "Vipps-System-Version: 3.1.2" \
-H "Vipps-System-Plugin-Name: acme-webshop" \
-H "Vipps-System-Plugin-Version: 4.5.6" \
-d '{
    "redirectUrl": "https://example.com/mywebshop",
    "id": "UNIQUE-QR-ID"
}'

Enter the returned link into a browser. It will show the QR code. Scanning the QR should open the specified URL on your phone.

The result from this request provides a URL with its own JWT token, which will expire. Get a new token by calling GET:/qr/v1/merchant-redirect/{qr-id}.

Relevant examples:

• Static QR directing to the merchant site for payment
• Static QR directing to the merchant site for product selection

One-time payment QR

A one-time payment QR (also called dynamic QR) is connected to a payment. When the user scans this QR with their phone, the Vipps app will open and present them with the payment request.

If you are using the ePayment API in your solution, you do not need to use the QR API. See Dynamic QR directing to the app for payment for an example.

Legacy method for eCom API

Create a payment and get the unique payment reference.

curl

Send request "Initiate Payment"

The orderId and vippsLandingPageUrl variables are now in the environment of this Postman example.

Postman

curl -X POST 'https://apitest.vipps.no/ecomm/v2/payments/' \
-H "Authorization: Bearer YOUR-ACCESS-TOKEN" \
-H "Ocp-Apim-Subscription-Key: YOUR-SUBSCRIPTION-KEY" \
-H "Merchant-Serial-Number: YOUR-MSN" \
-H 'Idempotency-Key: YOUR-IDEMPOTENCY-KEY' \
-H "Vipps-System-Name: acme" \
-H "Vipps-System-Version: 3.1.2" \
-H "Vipps-System-Plugin-Name: acme-webshop" \
-H "Vipps-System-Plugin-Version: 4.5.6" \
-d '{
  "customerInfo": {
    "mobileNumber": "12345678"
  },
  "merchantInfo": {
    "merchantSerialNumber": "123456",
    "callbackPrefix":"https://example.com/vipps/callbacks-for-payment-update-from-vipps",
    "fallBack": "https://example.com/vipps/fallback-result-page-for-both-success-and-failure/acme-shop-123-order123abc",
  },
  "transaction": {
    "amount": 49900,
    "orderId": "UNIQUE-PAYMENT-REFERENCE",
    "transactionText": "One pair of socks.",
}
}'

Note that orderId must be unique for each payment you create.

Take note of the URL that is returned in the response body and provide it in the POST:/qr/v1 request to generate the one-time payment QR.

curl

Send request "Generate OTP QR"

This supplies vippsLandingPageUrl to POST:/qr/v1 to provide a URL that can be used to show a QR code.

Ctrl+click the link to see the QR code. Scanning the QR should open the test app on your phone and allow you to complete the one-time purchase.

Postman

curl -X POST 'https://apitest.vipps.no/qr/v1' \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR-ACCESS-TOKEN" \
-H "Ocp-Apim-Subscription-Key: YOUR-SUBSCRIPTION-KEY" \
-H "Merchant-Serial-Number: YOUR-MSN" \
-H "Vipps-System-Name: acme" \
-H "Vipps-System-Version: 3.1.2" \
-H "Vipps-System-Plugin-Name: acme-webshop" \
-H "Vipps-System-Plugin-Version: 4.5.6" \
-d '{
    "url": "https://apitest.vipps.no/dwo-api-application/v1/deeplink/vippsgateway?v=2&token=eyJraWQiOiJqd3RrZXkiLCJhbGciOiJSUzI1NiJ<truncated>"
}'

Next steps

See the QR API guide to read about the concepts and details.