Skip to main content

Access token (1.0.1)

Download OpenAPI specification:Download

Access token API contains the endpoints to request a JWT access token. The access token must be provided in all API requests, together with the subscription key. The access token is valid for 1 hour in the test environment and 24 hours in the production environment. For details, see the API Guide.

Authorization Service

Authorization Service

Request a new access token (JWT bearer token)

The accesstoken endpoint is used to get the JWT (JSON Web Token) that must be passed in every API request in the Authorization header. The access token is a base64-encoded string value that must be acquired first before making any Vipps API calls. The access token is valid for 1 hour in the test environment and 24 hours in the production environment.

header Parameters
client_id
required
string <guid>
Example: fb492b5e-7907-4d83-ba20-c7fb60ca35de

The client_id is available on portal.vipps.no, under the 'Utvikler' tab. Think of it as the "username".

client_secret
required
string
Example: Y8Kteew6GE2ZmeycEt6egg==

The client_secret is available on portal.vipps.no, under the 'Utvikler' tab. Think of it as the "password". Keep it secret. Vipps will never ask for it, and do not need it.

Ocp-Apim-Subscription-Key
required
string
Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a

The subscription key for the authorization token is available on portal.vipps.no, under the 'Utvikler' tab. Keep it secret. Vipps will never ask for it, and do not need it.

Responses

Response samples

Content type
application/json;charset=UTF-8
{
  • "token_type": "Bearer",
  • "expires_in": 3600,
  • "ext_expires_in": 3600,
  • "expires_on": 1547823408,
  • "not_before": 1547819508,
  • "resource": "00000002-0000-0000-c000-000000000000",
  • "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni <truncated>"
}