API keys
If you are a Vipps MobilePay Partner, please see Partner keys.
API keys are unique for each sales unit and provide authentication for doing payment operations with the sales unit. These are like passcodes that confirm your identity and that your API request is valid.
The keys are:
| API Key Name | Description | Format | Example |
|---|---|---|---|
client_id | Client ID for the sales unit (the "username") | GUID | fb492b5e-7907-4d83-bc20-c7fb60ca35de |
client_secret | Client secret for the merchant (the "password") | Base64 | Y8Kteew6GE3ZmeycEt6egg== |
Ocp-Apim-Subscription-Key (primary) | Subscription key for the API product | Base64 | 0f14ebcab0eb4b29ae0cb90d91b4a84a |
Ocp-Apim-Subscription-Key (secondary) | Subscription key for the API product | Base64 | 0f14ebcab0eb4b29ae0cb90d91b4a84a |
The client_id and client_secret are used with the
Access token API
to get an access token to use for all subsequent API requests.
There is both a primary and secondary Ocp-Apim-Subscription-Key and these are interchangeable:
You can use either one, they both work in the same way.
Having two active keys enables you to
regenerate one subscription key, while still using the other key, without downtime.
If you want, you can just ignore the second key.
The same API keys are used for many types of integration: Direct integration, native apps for iOS and Android, point of sale integrations, all the Vipps MobilePay plugins and any other solution based on the APIs.
There are no API keys for Shopping Basket or Open Amount sales units, because these don't have an API interface.
The Merchant Serial Number is not an API key, but it is an important value that you will also use in several API requests. This is a unique identifier that is defined when a sales unit is created. You can also find it here, in the same place as the API keys.
Getting the API keys
You can find the API keys on the portal.vippsmobilepay.com, as described in the Merchant portal: How to find the API keys section.
Production and Test Keys
The test environment and production environments are completely separate. You will, therefore, need to use a different set of API keys for the test environment versus the production environment.
- API keys for the test environment: Normally available a few minutes after the sales unit is created. See Developer resources: How to create a test sales unit for details.
- API keys for the production environment: Normally available after a few days after application, depending on the workload and whether we need additional information.
Use caution with storing and transferring API keys.
- Vipps MobilePay will never ask for your API keys, and you must keep them secret.
- Always send API keys by encrypted email.
- If you accidentally share your API keys, you must generate new ones by clicking the regenerate button on your portal.vippsmobilepay.com page. Please remember to update your integrations, so they will continue working.
Vipps MobilePay can't provide API keys in any way other than through the portal.