API keys
If you are a Vipps MobilePay partner, please see Partner keys.
API keys are unique for each sales unit and provide authentication for doing payment operations with the sales unit. These are like passcodes that confirm your identity and that your API request is valid.
Production and test keys
The API keys are linked to a specific test sales unit and can only be used for this unit.
The test environment and production environments are completely separate. You will, therefore, need to use a different set of API keys for the test environment versus the production environment.
- API keys for the test environment: Normally available a few minutes after the sales unit is created. See How to create a test sales unit for details.
- API keys for the production environment: Normally available after a few days after application, depending on the workload and whether we need additional information.
Use caution with storing and transferring API keys.
- Vipps MobilePay will never ask for your API keys, and you must keep them secret.
- Always send API keys by encrypted email.
- Merchants: If you accidentally share your API keys, you must generate new ones by clicking the regenerate button on your portal.vippsmobilepay.com page.
- Partners: For keys other than merchant API keys, contact the partner team. For merchant keys, the merchant needs to generate new ones on the portal.
- Update your integrations, so they will continue working.
Getting the API keys
There are no API keys for Shopping Basket or Open Amount sales units, because these don't have an API interface.
You can find the API keys for your test or production sales unit in the merchant portal, portal.vippsmobilepay.com. (Need help logging in?)
-
Select For developers in the sidebar. With the API keys tab selected, you should see a table with sales units.
-
Select either Production or Test, depending on the type of sales unit you are looking for.
-
Find the sales unit in the table and click the corresponding Show keys button. A panel will open where you can copy the values of each key.
For example:
If you need to get/give the API keys from/to someone, be sure to do it securely. If you can't do that, then create a portal user for that person, and give them basic access to the sales unit.
API key details
The keys are:
| API Key Name | Description | Format | Example |
|---|---|---|---|
client_id | Client ID for the sales unit (the "username") | GUID | fb492b5e-7907-4d83-bc20-c7fb60ca35de |
client_secret | Client secret for the merchant (the "password") | Base64 | Y8Kteew6GE3ZmeycEt6egg== |
Ocp-Apim-Subscription-Key (primary) | Subscription key for the API product | Base64 | 0f14ebcab0eb4b29ae0cb90d91b4a84a |
Ocp-Apim-Subscription-Key (secondary) | Subscription key for the API product | Base64 | 0f14ebcab0eb4b29ae0cb90d91b4a84a |
The client_id and client_secret are used with the
Access token API
to get an access token to use for all subsequent API requests.
There is both a primary and secondary Ocp-Apim-Subscription-Key and these are interchangeable:
You can use either one, they both work in the same way.
Having two active keys enables you to
regenerate one subscription key, while still using the other key, without downtime.
If you want, you can just ignore the second key.
The same API keys are used for many types of integration: Direct integration, native apps for iOS and Android, point of sale integrations, all the Vipps MobilePay plugins and any other solution based on the APIs.
The Merchant Serial Number is not an API key, but it is an important value that you will also use in several API requests. This is a unique identifier that is defined when a sales unit is created. You can also find it here, in the same place as the API keys.