Authentication
Vipps MobilePay API requests must include the Authorization
header with
a JSON Web Token (JWT), which we call the access token.
To get an access token, first you need to have API keys. Get your API keys, as described in API keys.
Partners should use Partner keys.
Get your access token by calling
POST:/accesstoken/get
and including the client_id
, client_secret
and Ocp-Apim-Subscription-Key
headers.
For example:
curl -X POST 'https://apitest.vipps.no/accesstoken/get' \
-H "Content-Type: application/json" \
-H 'client_id: YOUR-CLIENT-ID' \
-H 'client_secret: YOUR-CLIENT-SECRET' \
-H 'Ocp-Apim-Subscription-Key: YOUR-SUBSCRIPTION-KEY' \
-H 'Merchant-Serial-Number: YOUR-MSN' \
-H 'Vipps-System-Name: acme' \
-H 'Vipps-System-Version: 3.1.2' \
-H 'Vipps-System-Plugin-Name: acme-webshop' \
-H 'Vipps-System-Plugin-Version: 4.5.6' \
--data ''
Replace the value of the Vipps-System
headers with your own values.
See HTTP headers for more details.
When a partner uses
partner keys
for requests that are not for a specific merchant,
the Merchant-Serial-Number
can be omitted.
Many of these headers are optional during testing, but you should include them in your integration, so that error information can be found in the logs.
See the Access Token API Guide for more details about the parameters and responses.