Initiate a PSP payment
Initiate a payment
header Parameters
Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique id for the sales unit that this payment is made for. The Vipps number (MSN) for the merchant's sales unit. |
Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a The subscription key for your API product is available on portal.vipps.no, under the Utvikler tab. This is the PSP's key, and is the same for all the PSP's merchants. Keep it secret. |
Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP id is provided by Vipps. This is the PSP's id, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Request Body schema: application/json;charset=UTF-8
pspInitiatePaymentRequest
pspTransactionId required | string <= 36 characters [a-z0-9] Used as a globally unique per PSP transaction reference for the PSP systems |
merchantOrderId required | string <= 50 characters ^[a-zA-Z0-9-]{1,50}$ Id which uniquely identifies a payment. Maximum length is 50 alphanumeric characters: a-z, A-Z, 0-9 and '-'. See: https://developer.vippsmobilepay.com/docs/common-topics/orderid/ (merchantOrderId is similar to orderId). |
customerMobileNumber | string <= 8 characters ^\d{8} Mobile number (eight digits) of the user who has to pay for the transaction from Vipps. |
amount required | integer <int32> Amounts are specified in minor units. For Norwegian kroner (NOK) that means 1 kr = 100 øre. Example: 499 kr = 49900 øre. |
currency required | string Default: "NOK" ISO 4217 defined currency code. Vipps currently only supports NOK. |
pspRedirectUrl required | string Vipps will use this URL to redirect end user after payment confirmation. Important: Do not rely on the user always reaching this URL, as some users may close Vipps immediately after seeing the payment confirmation, therefore not being "redirected" back to the merchant. |
makePaymentUrl required | string PSP URL used by Vipps to send the network token. See: https://developer.vippsmobilepay.com/docs/APIs/psp-api/vipps-psp-api/#makepaymenturl |
makePaymentToken | string <= 255 characters PSP-specified |
paymentText | string Text to be displayed to end user. The text should be as user-friendly and informative as possible. See: https://developer.vippsmobilepay.com/docs/common-topics/transactiontext/ (transactionText is similar to paymentText). |
isApp | boolean Default: false Optional parameter. Indicates whether payment request is triggered from a mobile app or a web browser. See: https://developer.vippsmobilepay.com/docs/common-topics/isApp/ |
skipLandingPage | boolean Default: false Optional parameter.
Skips the landing page for whitelisted sales units.
Requires a valid |
scope | string (Scope) Default: "psp_subscription" Value: "psp_subscription" A scope for future payments you want to process with the userToken. Current available scopes are "psp_subscription" |
merchantAgreementUrl | string For use with PSP Recurring |
Responses
Request samples
- Payload
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
- "customerMobileNumber": "92929292",
- "amount": 49900,
- "currency": "NOK",
- "makePaymentToken": "lfkhwef3op48yufpcno3fh34qp8fyncpf83hy4",
- "paymentText": "One pair of Vipps socks",
- "isApp": false,
- "skipLandingPage": false,
- "scope": "psp_subscription",
}
Response samples
- 200
- 400
- 500
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
}
Delete a payment agreement
Used to cancel a recurring agreement
header Parameters
Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique id for the sales unit that this payment is made for. The Vipps number (MSN) for the merchant's sales unit. |
Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a The subscription key for your API product is available on portal.vipps.no, under the Utvikler tab. This is the PSP's key, and is the same for all the PSP's merchants. Keep it secret. |
Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP id is provided by Vipps. This is the PSP's id, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
User-Token required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) JWT |
Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Responses
Response samples
- 400
- 500
[- {
- "errorCode": "21",
- "errorMessage": "Merchant not available or active",
- "contextId": "cf6d52c9-98cc-4285-b9b3-c7d36b6b06d9"
}
]
Get card data to process a payment with token
Request a MIT payment for a recurring agreement, provides card details for processing. A updatestatus call should be made afterwards with the result of the authorisation.
header Parameters
Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a The subscription key for your API product is available on portal.vipps.no, under the Utvikler tab. This is the PSP's key, and is the same for all the PSP's merchants. Keep it secret. |
Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP id is provided by Vipps. This is the PSP's id, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique id for the sales unit that this payment is made for. The Vipps number (MSN) for the merchant's sales unit. |
User-Token required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) JWT |
Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Request Body schema: application/json;charset=UTF-8
ProcessPaymentOnToken
pspTransactionId | string Used as a globally unique transaction reference for the PSP systems |
merchantOrderId | string <= 50 characters ^[a-zA-Z0-9-]{1,50}$ Id which uniquely identifies a payment. Maximum length is 50 alphanumeric characters: a-z, A-Z, 0-9 and '-'. See: https://developer.vippsmobilepay.com/docs/common-topics/orderid/ (merchantOrderId is similar to orderId). |
amount | integer <int32> Amounts are specified in minor units. For Norwegian kroner (NOK) that means 1 kr = 100 øre. Example: 499 kr = 49900 øre. |
currency | string ISO 4217 defined currency code. Currently Vipps only supports NOK |
paymentText | string Text to be displayed to end user. The text should be as user-friendly and informative as possible. See: https://developer.vippsmobilepay.com/docs/common-topics/transactiontext/ (transactionText is similar to paymentText). |
Responses
Request samples
- Payload
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
- "amount": 49900,
- "currency": "NOK",
- "paymentText": "Description of payment"
}
Response samples
- 200
- 400
- 500
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
- "paymentInstrument": "TOKEN",
- "networkToken": {
- "number": "5000000000000000001",
- "cryptogram": "aFgdgjdkfgjdFDF=",
- "expiryMonth": "03",
- "expiryYear": "2030",
- "tokenType": "VISA",
- "eci": "7"
}
}
Update the status of the PSP transaction.
Since Vipps doesn't process the PSP transactions, updates on payment status are required in order to deliver expected customer experience. That means that PSP has to inform Vipps about any PSP payment status change through this endpoint.
Valid requests get a HTTP 200 OK
response, but the actual update is done in a batch job during the night. See the API guide for more details:
https://developer.vippsmobilepay.com/docs/APIs/psp-api/vipps-psp-api#batch-processing-of-status-updates
header Parameters
Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique id for the sales unit that this payment is made for. The Vipps number (MSN) for the merchant's sales unit. |
Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a The subscription key for your API product is available on portal.vipps.no, under the Utvikler tab. This is the PSP's key, and is the same for all the PSP's merchants. Keep it secret. |
Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP id is provided by Vipps. This is the PSP's id, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Request Body schema: application/json
pspPaymentStatus
Array of objects (TransactionInfo) | |||||||||||||
Array
|
Responses
Request samples
- Payload
{- "transactions": [
- {
- "pspTransactionId": "7686f7788898767977",
- "status": "CAPTURED",
- "amount": 49900,
- "currency": "NOK",
- "paymentText": "One pair of Vipps socks",
- "operationStatus": "SUCCESS"
}
]
}
Response samples
- 200
- 400
- 500
{- "responseInfo": {
- "responseCode": "9000",
- "responseMessage": "SUCCESS"
}
}
Get the details of the PSP payment
Get the details of a payment
path Parameters
pspTransactionId required | string Example: 7686f7788898767977 Used as a globally unique per PSP transaction reference for the PSP systems. |
header Parameters
Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique id for the sales unit that this payment is made for. The Vipps number (MSN) for the merchant's sales unit. |
Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a The subscription key for your API product is available on portal.vipps.no, under the Utvikler tab. This is the PSP's key, and is the same for all the PSP's merchants. Keep it secret. |
Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP id is provided by Vipps. This is the PSP's id, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Responses
Response samples
- 200
- 500
{- "pspTransactionId": "7686f7788898767977",
- "merchantOrderId": "acme-shop-123-order123abc",
- "transactionSummary": {
- "capturedAmount": 49900,
- "remainingAmountToCapture": 0,
- "refundedAmount": 0,
- "remainingAmountToRefund": 49900
}, - "transactionLogHistory": [
- {
- "amount": 49900,
- "paymentText": "One pair of Vipps socks",
- "timeStamp": "2018-06-13T18:34:25-07:00",
- "operation": "CAPTURED",
- "operationSuccess": false
}
]
}
Force Approve Payment
This endpoint allows developers to approve a psp payment through the Vipps PSP API without the use of the Vipps app. This is useful for automated testing. The endpoint is only available in our Test environment. Attempted use of the endpoint in production is not allowed, and will fail. Important: All test users must manually approve at least one payment in Vipps (using the app) before this endpoint can be used for that user. See: https://developer.vippsmobilepay.com/docs/test-environment/
path Parameters
pspTransactionId required | string Example: 7686f7788898767977 Used as a globally unique per PSP transaction reference for the PSP systems. |
header Parameters
Authorization required | string Default: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated) The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the |
Ocp-Apim-Subscription-Key required | string Example: 0f14ebcab0ec4b29ae0cb90d91b4a84a The subscription key for your API product is available on portal.vipps.no, under the Utvikler tab. This is the PSP's key, and is the same for all the PSP's merchants. Keep it secret. |
Merchant-Serial-Number required | string The Merchant Serial Number (MSN) is a unique id for the sales unit that this payment is made for. The Vipps number (MSN) for the merchant's sales unit. |
Psp-Id required | string Default: C948DFD1546347568874C4DDC93A2E3C Example: C948DFD1546347568874C4DDC93A2E3C PSP id is provided by Vipps. This is the PSP's id, and the same for all the PSP's merchants. This is a GUID value for PSPs created after 2020. |
Vipps-System-Name | string <= 30 characters Example: Acme Commerce The name of the ecommerce solution. One word in lowercase letters is good. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Vipps-System-Version | string <= 30 characters Example: 1.7 The version number of the ecommerce solution. See: https://developer.vippsmobilepay.com/docs/common-topics/http-headers/ |
Request Body schema: application/json;charset=UTF-8
ForceApproveRequest
customerPhoneNumber required | string^\d{8}$ Target customer phone number. 8 digits. |
token required | string The token value received in the |
Responses
Request samples
- Payload
{- "customerPhoneNumber": "91234567",
- "token": "eyJraWQiOiJqd3R"
}
Service endpoint exposed by the PSP
Used by Vipps to send the card network token from the Vipps token requestor service to the PSP to complete the initialized transaction.
The PSP will use the token to process the payment and then send the outcome (RESERVE
, CAPTURE
or REJECT
) to Vipps using the POST:/updatestatus
endpoint.
Communication security is established by using 1-way SSL and makePaymentToken
.
The response must use Content-Type application/json
.
header Parameters
Authorization required | string Token provided by the PSP as 'makePaymentToken' in the
|
Request Body schema: application/json;charset=UTF-8
makePaymentRequest
pspTransactionId required | string Used as a globally unique per PSP transaction reference for the PSP systems |
merchantSerialNumber required | string = 6 characters ^\d{6}$ The Vipps number (MSN) for the merchant's sales unit. |
paymentState required | string Enum: "ACCEPTED" "TIMEOUT" "USER_CANCEL" Credit Card Details Encryption Status |
userToken | string JWT-TOKEN |
binNumber required | string BIN number for the card |
required | Array of objects (Operation3DSecure) |
paymentInstrument required | string (PaymentInstrument) Default: "TOKEN" Value: "TOKEN" |
required | object (NetworkToken) |
Responses
Request samples
- Payload
{- "pspTransactionId": "7686f7788898767977",
- "merchantSerialNumber": "123456",
- "paymentState": "ACCEPTED",
- "userToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni (truncated)",
- "binNumber": "492556",
- "operations": [
- {
- "operation": "3dssuccess"
}
], - "paymentInstrument": "TOKEN",
- "networkToken": {
- "number": "5000000000000000001",
- "cryptogram": "aFgdgjdkfgjdFDF=",
- "expiryMonth": "03",
- "expiryYear": "2030",
- "tokenType": "VISA",
- "eci": "7"
}
}
Response samples
- 200
{- "errorMessage": {
- "errorId": "82",
- "errorText": "Refused by Issuer"
}, - "paymentInfo": {
- "pspTransactionId": "7686f7788898767977",
- "status": "OK",
}
}