Changelog

All notable changes to the current API will be documented here. To learn about API versioning, see API lifecycle.

Changes that affect multiple APIs are documented in the general changelog.

August 2025

Agreement scope is now supported in the Merchant-initiated login integration flow.
Increased the lifetime of the id-token to 1 hour

May 2025

The email and email_verified fields were added to the id-token

April 2025

The gender scope was added.

March 2025

Users accepting marketing consents will now be remembered on the server side. This means they will not be asked to accept the same marketing consent every time the delegatedConsents scope is present.

January 2025

Vipps MobilePay users can now change their phone number. This means you can get the same sub with different phone numbers.

August 2024

Added support for controlling session timeout via the requested_expiry parameter in the Merchant-initiated login integration flow.

April 2024

Added support for Marketing consent in browser.

January 2023

Removed the QR code login flow.

September 2021

Vipps Login support for logging in directly from phone number (CIBA) and QR code. See: Merchant-initiated login integration.

February 2021

To have a unified way of providing user information across Vipps services we are standardizing the data formats, both within Vipps and with the OIDC standard.

Other improvements

The merchant can choose whether the user should be automatically returned to the browser after completing the authentication Vipps. We have also added a specific flow for integrations with native apps.

August 2025​

May 2025​

April 2025​

March 2025​

January 2025​

August 2024​

April 2024​

January 2023​

September 2021​

February 2021​

Launched Login API version 2​

Other improvements​