Send e-post til DSOP@bits.no dersom FAQ ikke besvarer ditt spørsmål.
Maskinporten
Eksempel token request
Eksempel uten signatur: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFNURDQ0E4eWdBd0lCQWdJTEFmTEU3RzEyRGJhTEpOZ3dEUVlKS29aSWh2Y05BUUVMQlFBd1VURUxNQWtHQTFVRUJoTUNUazh4SFRBYkJnTlZCQW9NRkVKMWVYQmhjM01nUVZNdE9UZ3pNVFl6TXpJM01TTXdJUVlEVlFRRERCcENkWGx3WVhOeklFTnNZWE56SURNZ1ZHVnpkRFFnUTBFZ016QWVGdzB4T0RFeU1EY3hNak01TURaYUZ3MHlNVEV5TURjeU1qVTVNREJhTUVveEN6QUpCZ05WQkFZVEFrNVBNUkF3RGdZRFZRUUtEQWRDU1ZSVElFRlRNUlV3RXdZRFZRUUREQXhDU1ZSVElFRlRJRlJGVTFReEVqQVFCZ05WQkFVVENUa3hOamsyTURFNU1EQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU1JUmJGZkUxUnVuVDFsV0VaamYwejJhQitoSm1RUVNyVFNOWVd5WkE0M1RuRmJhbjVlZTFQV1hnV2VaNERzNExaYWVzV05GKzFvdTE1M3hKSmRPQ2M2VDNrRXlrYUNScXQ3UVl4bHczQVova01NV2dtaUllK0lUNmRuSkVBZDB5c1NJaldYQzd0Vktoa0hQRUxPY2RpVkxrVVNDa3ExZVVXQlFaaGNncEJHWlBoSDNVRHE4V2E1SEl5YnJacnFVNGpVMDMrQURpdkxHRTNSeStnV21HNEZodGxtN0xHcEptMmQ1L0UvQXBQcm44alJ6TVNIM3RJbm5hbFVGOHZLZ3dJVEpqTHB5V0F4SFBBQUZTMEE2blMrMnA1dzRNVjY4b0xwdFJOb3Z4UkoxSURoVVdrTW5lQUJFbWg4bkZUTkxNREtWc1Jrc0wxekpjemNiM3VnZXVoTUNBd0VBQWFPQ0FjSXdnZ0crTUFrR0ExVWRFd1FDTUFBd0h3WURWUjBqQkJnd0ZvQVVQNjcxZUF1U28zQWdOVjlhK3Zja29GSUI4RUV3SFFZRFZSME9CQllFRkJPbjhWZk1Vbk9wS1E1UXV0ajcvWmFvOG9zQ01BNEdBMVVkRHdFQi93UUVBd0lFc0RBV0JnTlZIU0FFRHpBTk1Bc0dDV0NFUWdFYUFRQURBakNCdXdZRFZSMGZCSUd6TUlHd01EZWdOYUF6aGpGb2RIUndPaTh2WTNKc0xuUmxjM1EwTG1KMWVYQmhjM011Ym04dlkzSnNMMEpRUTJ4aGMzTXpWRFJEUVRNdVkzSnNNSFdnYzZCeGhtOXNaR0Z3T2k4dmJHUmhjQzUwWlhOME5DNWlkWGx3WVhOekxtNXZMMlJqUFVKMWVYQmhjM01zWkdNOVRrOHNRMDQ5UW5WNWNHRnpjeVV5TUVOc1lYTnpKVEl3TXlVeU1GUmxjM1EwSlRJd1EwRWxNakF6UDJObGNuUnBabWxqWVhSbFVtVjJiMk5oZEdsdmJreHBjM1F3Z1lvR0NDc0dBUVVGQndFQkJINHdmREE3QmdnckJnRUZCUWN3QVlZdmFIUjBjRG92TDI5amMzQXVkR1Z6ZERRdVluVjVjR0Z6Y3k1dWJ5OXZZM053TDBKUVEyeGhjM016VkRSRFFUTXdQUVlJS3dZQkJRVUhNQUtHTVdoMGRIQTZMeTlqY25RdWRHVnpkRFF1WW5WNWNHRnpjeTV1Ynk5amNuUXZRbEJEYkdGemN6TlVORU5CTXk1alpYSXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSDV0aTlvN1VyWUtsSU55ekFyeDVEOU95Uk9JVC9wSGpYdUI2Tm14akFKWDJsc3IwY0RCN1dmL0V5dFVCK2Y2TUxzZGpzT1hRc3NhYUtET3lwV3pzZW9BbnlyN2gwRnBwdzkrdW50a3NuNU53MFg4LzdTWnRxY1hpNVVHQklKRUVHVUs3eTNWd0hkVjUvbTN3MmFsdTQ1NW9ibG9RWm9tM0FmTTgvWkg1OGJweEpzOTdwQnpjN0ZERk5sVWdSeHFEQW5QWHpHeGM4VVMzcEcrVzNqQnpWVHY2YkRHMmZ0VGxjQ2JXQW5hQVVGOWw3ZFB2bFVMMGpsMWlGbUNxS3Q2T01YeHNOSnBLaFZLZ1kzRWVyYjk1cDRtRzBZbzUvU28vV1Fqc2FReE1WeTVOL0tIak4yTmQ2MktTV3B4MWt1Vmw2SVBJUHpuelZrdWxiNzkvQStSbVRzPSJdfQ.eyJpYXQiOjE1NzIzNTI3NzAsInNjb3BlIjoiYml0czprdW5kZWZvcmhvbGQud3JpdGUiLCJuYmYiOjE1NzIzNTI3NzcsImV4cCI6MTU3MjM1Mjg3NywiaXNzIjoiZDYxZmU5ZDAtODAyYy00OTliLThlYjgtYzdiNGMzMDg1ZDAxIiwiYXVkIjoiaHR0cHM6Ly9vaWRjLXZlcjIuZGlmaS5uby9pZHBvcnRlbi1vaWRjLXByb3ZpZGVyLyJ9
Header:
{
"alg": "RS256",
"typ": "JWT",
"x5c": [
"MIIE5DCCA8ygAwIBAgILAfLE7G12DbaLJNgwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSMwIQYDVQQDDBpCdXlwYXNzIENsYXNzIDMgVGVzdDQgQ0EgMzAeFw0xODEyMDcxMjM5MDZaFw0yMTEyMDcyMjU5MDBaMEoxCzAJBgNVBAYTAk5PMRAwDgYDVQQKDAdCSVRTIEFTMRUwEwYDVQQDDAxCSVRTIEFTIFRFU1QxEjAQBgNVBAUTCTkxNjk2MDE5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIRbFfE1RunT1lWEZjf0z2aB+hJmQQSrTSNYWyZA43TnFban5ee1PWXgWeZ4Ds4LZaesWNF+1ou153xJJdOCc6T3kEykaCRqt7QYxlw3AZ/kMMWgmiIe+IT6dnJEAd0ysSIjWXC7tVKhkHPELOcdiVLkUSCkq1eUWBQZhcgpBGZPhH3UDq8Wa5HIybrZrqU4jU03+ADivLGE3Ry+gWmG4Fhtlm7LGpJm2d5/E/ApPrn8jRzMSH3tInnalUF8vKgwITJjLpyWAxHPAAFS0A6nS+2p5w4MV68oLptRNovxRJ1IDhUWkMneABEmh8nFTNLMDKVsRksL1zJczcb3ugeuhMCAwEAAaOCAcIwggG+MAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUP671eAuSo3AgNV9a+vckoFIB8EEwHQYDVR0OBBYEFBOn8VfMUnOpKQ5Qutj7/Zao8osCMA4GA1UdDwEB/wQEAwIEsDAWBgNVHSAEDzANMAsGCWCEQgEaAQADAjCBuwYDVR0fBIGzMIGwMDegNaAzhjFodHRwOi8vY3JsLnRlc3Q0LmJ1eXBhc3Mubm8vY3JsL0JQQ2xhc3MzVDRDQTMuY3JsMHWgc6Bxhm9sZGFwOi8vbGRhcC50ZXN0NC5idXlwYXNzLm5vL2RjPUJ1eXBhc3MsZGM9Tk8sQ049QnV5cGFzcyUyMENsYXNzJTIwMyUyMFRlc3Q0JTIwQ0ElMjAzP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3QwgYoGCCsGAQUFBwEBBH4wfDA7BggrBgEFBQcwAYYvaHR0cDovL29jc3AudGVzdDQuYnV5cGFzcy5uby9vY3NwL0JQQ2xhc3MzVDRDQTMwPQYIKwYBBQUHMAKGMWh0dHA6Ly9jcnQudGVzdDQuYnV5cGFzcy5uby9jcnQvQlBDbGFzczNUNENBMy5jZXIwDQYJKoZIhvcNAQELBQADggEBAH5ti9o7UrYKlINyzArx5D9OyROIT/pHjXuB6NmxjAJX2lsr0cDB7Wf/EytUB+f6MLsdjsOXQssaaKDOypWzseoAnyr7h0Fppw9+untksn5Nw0X8/7SZtqcXi5UGBIJEEGUK7y3VwHdV5/m3w2alu455obloQZom3AfM8/ZH58bpxJs97pBzc7FDFNlUgRxqDAnPXzGxc8US3pG+W3jBzVTv6bDG2ftTlcCbWAnaAUF9l7dPvlUL0jl1iFmCqKt6OMXxsNJpKhVKgY3Eerb95p4mG0Yo5/So/WQjsaQxMVy5N/KHjN2Nd62KSWpx1kuVl6IPIPznzVkulb79/A+RmTs="
]
}
Kommentarer til header:
- KID skal ikke benyttes hvis det ikke er avklart med Difi (Bruk x5c)
- x5c skal ikke inkludere sertifikatetkjeden
Eksempel på payload:
{
"iat": 1572352770,
"scope": "bits:kundeforhold.write",
"nbf": 1572352777,
"exp": 1572352877,
"iss": "d61fe9d0-802c-499b-8eb8-c7b4c3085d01",
"aud": "https://test.maskinporten.no/"
}
Kommentarer til header:
- iat, nbf og exp defineres per forespørsel
- iss skal være klient ID definert i selvbetjeningsportalen
- aud og scope skal ikke endres
Asymmetriske nøkler
Difi har gitt tilbakemelding om at det er en feil med selvbetjenings API’et som brukes til å forhåndsregistrere asymmetriske nøkler (JWKS). X5c i JWT header kan benyttes i stedet.
API-spesifikasjon
Boundary i batch
Det er viktig at boundary er korrekt definert i body og header. I header skal verdi i boundary ikke ha anføreselstegn (“). Hvis KFR returnerer 403 på batch-forespørselen er dette sannsynligvis fordi boundary har blitt definert feil enten i header eller body.
Se eksempel under.
Eksempel BATCH
POST https://preprod.api.bits.no/kar-ws/api/v1/customers/financialInstitutions/916960190/batch
=== HEADER ===
Authorization: Bearer <token>
Content-Type: multipart/form-data; boundary=873380600719114776488944
CorrelationID: 2b6fc544-e708-4887-8425-378733eea631
User-Agent: PostmanRuntime/7.18.0
=== BODY ===
--873380600719114776488944
Content-Disposition: form-data; name="customer_type";
DSOPBANK
--873380600719114776488944
Content-Disposition: form-data; name="customers"; filename="customers.csv";
Content-Type: text/plain
922203687#2019-11-08,958069367#2011-11-05,921785194#2019-10-15,917439389,989181335#2019-01-03,996128768
--873380600719114776488944--