Vipps API Client
Component Detail
Description
Low-level HTTP client for the Vipps Login API. Handles endpoint configuration for test and production environments, request signing, and error response parsing. Encapsulates all direct network calls to Vipps endpoints.
vipps-api-client
Summaries
The Vipps API Client enables seamless integration with Norway's most widely used mobile payment and identity platform, giving users a frictionless one-tap login experience they already trust. By supporting this login method, the application reduces sign-up abandonment, increases conversion rates, and meets user expectations in the Norwegian market where Vipps is a de-facto standard. Dual environment support (test and production) allows safe rollout and compliance validation before going live, reducing business risk and accelerating time-to-market for authentication features.
This medium-complexity component is self-contained with no internal dependencies, making it straightforward to scope and parallelize with other work. It must be validated against both the Vipps test and production environments before release, requiring coordination with Vipps developer portal credentials and sandbox access. Key delivery risks include API credential provisioning lead time and potential Vipps policy or endpoint changes. Integration testing should cover token exchange, userinfo retrieval, and token revocation flows.
Budget for a dedicated QA pass against the live Vipps test environment prior to production deployment.
This component is a focused HTTP client that encapsulates all network I/O with the Vipps Login API. It exposes typed async interfaces: `postTokenExchange` for PKCE/authorization-code token exchanges, `getUserInfo` for fetching identity claims with a Bearer token, and `postTokenRevocation` for logout flows. Environment switching via `setEnvironment` and URI accessors (`getAuthorizationEndpoint`, `getTokenEndpoint`) allow clean test/production toggling without conditional logic scattered across callers. Error responses are parsed into typed models, so upstream services handle failures without raw HTTP inspection.
Runs exclusively in the mobile execution context; no backend surface area.
Responsibilities
- Configure Vipps API base URLs for test and production environments
- Execute token endpoint POST requests with correct content-type and credentials
- Execute userinfo endpoint GET requests with Bearer token
- Parse and surface Vipps API error responses with typed error models
Interfaces
postTokenExchange(params: Map<String, String>): Future<Response>
getUserInfo(accessToken: String): Future<Response>
postTokenRevocation(token: String): Future<Response>
setEnvironment(env: VippsEnvironment): void
getAuthorizationEndpoint(): Uri
getTokenEndpoint(): Uri