Skip to main content

HTTP headers

Please use the following HTTP headers for all requests to the APIs. These headers provide useful metadata about the merchant's system, which help us improve our services, and also helps in investigating problems.

These headers are required for plugins and partners and sent by the official plugins. We strongly recommend that all customers with direct integration with the API to also do so.

Partners must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. It can speed up any troubleshooting of API problems quite a bit.

Example headersโ€‹

For example, if the merchant's name is "Acme AS" and they offer three different systems: point of sale (POS) integration, web shop, and vending machines, the headers could be:

HeaderDescriptionExample value for POSExample for web shopExample for vending machineExample for WooCommerce pluginExample for Checkout plugin
Vipps-System-NameThe name of the solutionAcme CommerceAcme CommerceAcme CommerceWooCommerceWooCommerce
Vipps-System-VersionThe version number of the solution1.
Vipps-System-Plugin-NameThe name of the pluginacme-posacme-webshopacme-vendingwoocommerce-paymentwoocommerce-checkout
Vipps-System-Plugin-VersionThe version number of the plugin3.
Merchant-Serial-NumberThe MSN for the sales unit123456123456123456123456123456


  • Please use self-explanatory, human-readable and reasonably short values that uniquely identify the system (and plugin).
  • The max length of each header is 30 characters. See the API specification for details.

If the Vipps-System-Plugin-* headers do not make sense to you, you can simply send the same as for Vipps-System-*. The important thing is that you send as much useful information as possible, so it is as easy as possible to solve problems with your API requests if there are any.


Many API requests to the APIs can be retried without any side effects by providing Idempotency-Key(in older APIs, this may be called, Request-Id) in the header of the request.

For example, in case the request fails because of network error, it can safely be retried with the same Idempotency-Key key without causing a duplicate. The Idempotency-Key key must be generated by the merchant according to the API specification.

Example HTTP request with all HTTP headersโ€‹

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni <truncated>
Ocp-Apim-Subscription-Key: 0f14ebcab0ec4b29ae0cb90d91b4a84a
Merchant-Serial-Number: 123456
Vipps-System-Name: acme
Vipps-System-Version: 3.1.2
Vipps-System-Plugin-Name: acme-webshop
Vipps-System-Plugin-Version: 4.5.6
Idempotency-Key: 49ca711a-acee-4d01-993b-9487112e1def

Help us improve our documentation

Did you find what you were looking for?