Vipps QR API (1.0)

Download OpenAPI specification:Download

URL: https://developer.vippsmobilepay.com/docs/contact/

API to generate QR codes for a Vipps payment and Merchant Redirects. See the API Guide for more information.

Merchant redirect QR

Create merchant redirect QR

Generate a QR that works as a redirect back to the merchant

Authorizations:

BearerToken

header Parameters

Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number	string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit.
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Request Body schema: application/json

id required	string or null [ 1 .. 128 ] characters ^[-_+%æøåÆØÅ\w\s]*$ Merchant supplied Id for QR
redirectUrl required	string or null <uri> ^https:\/\/[\w\.]+([\w#!:.?+=&%@\-\/]+)?$ The target url of the QR (redirect destination)
ttl	integer or null [ 300 .. 2147483647 ] Optional time-to-live field, given in seconds

Responses

Request samples

Payload

Content type

application/json

{"id": "billboard_1",
"redirectUrl": "https://example.com/myProduct",
"ttl": 600
}

Response samples

200
400
409
415

Content type

application/json

{"id": "billboard_1",
"url": "https://qr.vipps.no/generate/qr.png?...",
"redirectUrl": "https://example.com/myProduct",
"expiresIn": 598
}

Get all merchant redirect QRs

Get all merchant redirect QRs for this saleunit

Authorizations:

BearerToken

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number	string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit.
Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Responses

Response samples

200

Content type

application/json

[{"id": "billboard_1",
"url": "https://qr.vipps.no/generate/qr.png?...",
"redirectUrl": "https://example.com/myProduct",
"expiresIn": 598
}
]

Update redirectUrl for merchant redirect QR

Update the redirect url (target destination) of the QR

Authorizations:

BearerToken

path Parameters

id

required

string

id for QR

header Parameters

Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number	string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit.
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Request Body schema: application/json

redirectUrl

required

string <uri> ^https:\/\/[\w\.]+([\w#!:.?+=&%@\-\/]+)?$

Responses

Request samples

Payload

Content type

application/json

{"redirectUrl": "https://example.com/myProduct"
}

Response samples

200
400
404
415

Content type

application/json

{"id": "billboard_1",
"url": "https://qr.vipps.no/generate/qr.png?...",
"redirectUrl": "https://example.com/myProduct",
"expiresIn": 598
}

Delete merchant redirect QR

Authorizations:

BearerToken

path Parameters

id

required

string

id for QR

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number	string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit.
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Responses

Response samples

404

Content type

application/json

{"type": "string",
"title": "string",
"detail": "string",
"instance": "string",
"invalidParams": [{"name": "string",
"reason": "string"
}
]
}

Get merchant redirect QR by id

Authorizations:

BearerToken

path Parameters

id

required

string

id for QR

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number	string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit.
Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Responses

Response samples

200
404

Content type

application/json

{"id": "billboard_1",
"url": "https://qr.vipps.no/generate/qr.png?...",
"redirectUrl": "https://example.com/myProduct",
"expiresIn": 598
}

One time payment QR

Create One Time Payment QR

Endpoint for generating a Vipps QR for a merchant payment. Given a valid vippsLandingPageUrl this endpoint will return a QR for that payment.

Authorizations:

BearerToken

header Parameters

Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr
Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number	string The merchant serial number (MSN) for the sales unit. Partners and PSP merchants must always send the Merchant-Serial-Number header, and we recommend that everyone sends it, also when using the merchant's own API keys. The Merchant-Serial-Number header can be used with all API keys, and can speed up any trouble-shooting of API problems quite a bit.

Request Body schema: application/json

url

required

string

Url to the Vipps landing page, obtained from ecom/recurring apis

Responses

Request samples

Payload

Content type

application/json

{"url": "   https://api.vipps.no/dwo-api-application/v1/deeplink/vippsgateway?v=2&token=eyJraWQiO...."
}

Response samples

200
400
415

Content type

application/json

{"url": "https://qr.vipps.no/generate/qr.png?...",
"expiresIn": 544
}

Merchant callback QR

Get all merchant callback QR's

Returns all QR codes that matches the provided Merchant-Serial-Number.

Authorizations:

BearerToken

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number required	string The merchant serial number (MSN) for the sales unit.
Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Responses

Response samples

200
400
403

Content type

application/json

[{"merchantSerialNumber": "12345",
"merchantQrId": "27072f82-c4b6-49cd-9838-10f21d87496e",
"locationDescription": "Kasse 1",
"qrImageUrl": "https://qr.vipps.no/generate/qr.png?...",
"qrContent": "https://qr.vipps.no/..."
}
]

Get callback QR by id

Returns the QR code represented by the merchantQrId and Merchant-Serial-Number provided in the path and header respectively. The image format and size of the QR code is defined by the Accept and Size headers respectively.

Authorizations:

BearerToken

path Parameters

merchantQrId

required

string

The merchant defined identifier for a QR code.

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number required	string The merchant serial number (MSN) for the sales unit.
Accept required	string Enum: "image/" "image/png" "image/svg+xml" "text/targetUrl" Requested image format. Supported values: {image/,image/png, image/svg+xml, text/targetUrl}
Size	integer [ 100 .. 2000 ] Eks: 200. Then 200x200 px is set at dimension for Qr

Responses

Response samples

200
400
403

Content type

application/json

{"merchantSerialNumber": "12345",
"merchantQrId": "27072f82-c4b6-49cd-9838-10f21d87496e",
"locationDescription": "Kasse 1",
"qrImageUrl": "https://qr.vipps.no/generate/qr.png?...",
"qrContent": "https://qr.vipps.no/..."
}

Create or update callback QR

Creates or updates the QR code that encapsulates the provided merchantSerialNumber and merchantQrId. See Webhooks API to create a webhook that will send callbacks when this QR code is scanned by a Vipps user.

If the endpoint is called with the same merchantQrId twice or more, it is the last call that defines the location property. The actual QR code image will not be updated on consecutive calls.

Authorizations:

BearerToken

path Parameters

merchantQrId

required

string

The merchant defined identifier for a QR code.

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number required	string The merchant serial number (MSN) for the sales unit.

Request Body schema: application/json

locationDescription

required

string

A description of where the QR code will be located. It will be shown in the app when a user scans the QR code. Examples could be ‘Kasse 1’ , ‘Kiosk’ or ‘Platform 3’.

Responses

Request samples

Payload

Content type

application/json

{"locationDescription": "Kasse 1"
}

Response samples

400
403

Content type

application/json

{"type": "string",
"title": "string",
"detail": "string",
"instance": "string",
"invalidParams": [{"name": "string",
"reason": "string"
}
]
}

Delete callback QR

Deletes the QR code that matches the provided merchantQrId and merchantSerialNumber.

Authorizations:

BearerToken

path Parameters

merchantQrId

required

string

The merchant defined identifier for a QR code.

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number required	string The merchant serial number (MSN) for the sales unit.

Responses

Response samples

400
403
404

Content type

application/json

{"type": "string",
"title": "string",
"detail": "string",
"instance": "string",
"invalidParams": [{"name": "string",
"reason": "string"
}
]
}

Create callback QR code Deprecated

This endpoint is for migrating existing MobilePay PoS QR codes from the current solution that will end its lifetime. It is meant for merchants that have printed QR codes and want them to stay functional for the new product offering that will replace the now deprecated solution.

This endpoint will not create a new QR code but rather map the provided beaconId with the Merchant-Serial-Number, to make sure the already printed QR code can be re-used. When the QR code is scanned by MobilePay users, it will result in a callback being sent to the merchant if the merchant has registered a webhook for the QrScannedEvent.

The callback will include a MerchantQrId which in this scenario will equal the beaconId.

Authorizations:

BearerToken

path Parameters

beaconId

required

string

The MobilePay PoS BeaconId

header Parameters

Authorization required	string The access token is a base64-encoded string that is required for all API calls. It is a JWT (JSON Web Token). The access token is fetched from the `POST:/accesstoken/get` endpoint. It is valid for 1 hour in the test environment and 24 hours in the production environment.
Ocp-Apim-Subscription-Key required	string Subscription Key
Merchant-Serial-Number required	string The merchant serial number (MSN) for the sales unit.

Request Body schema: application/json

locationDescription

required

string

A description of where the QR code will be located. This corresponds to the PoS name field from the old MobilePay V10 API. It will be shown in the app when a user scans the QR code. Examples could be ‘Kasse 1’ , ‘Kiosk’ or ‘Platform 3’.

Responses

Request samples

Payload

Content type

application/json

{"locationDescription": "Kasse 1"
}

Response samples

400
403

Content type

application/json

{"type": "string",
"title": "string",
"detail": "string",
"instance": "string",
"invalidParams": [{"name": "string",
"reason": "string"
}
]
}