The Telenor Sweden external APIs lets you access data, manage subscriptions and services, create quotations and place orders for your specific agreement including account management on your user's behalf.
In order to get started you must sign an agreement with Telenor to consume the API products. Please contact your Telenor key account manager to proceed with this. When the signed agreement is processed you will receive the user credentials, both for production and test environments. Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, or similar.
Authentication depends on the API product you are using. Telenor supports both OAuth2 Client Credentials access tokens and JSON Web Tokens (JWT). When signing up you will get details of what token type to use. Before any requests can be made towards Telenor APIs you must first request a token.
Use this flow for APIs that require OAuth2 Client Credentials.
Example request:
curl -X POST <baseURL>/openapi/oauth2/token \
-H 'Accept: application/json' \
-H 'Authorization: Basic <base64-encoded-key-and-secret>' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d grant_type=client_credentials
Change the Authorization header to a base64 encoding of your key pair i.e. Base64(<Consumer Key>:<Consumer Secret>). The available baseURL are:
Example response:
{
"access_token": "iLsXI22AbszY1J3cA7lYusO0PAbG",
"expires_in": "3599",
"scope": "openapi"
}
Usage example:
curl -X 'GET' \
'<baseURL>/corporate/fixed-network/product-catalog/product-offers' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <access_token>'
Use this flow for API requests in an active Communication service. The JWT token should be used in all communication with the Telenor API proxy for the following APIs:
The available baseURL are:
Please note that the API name should be included in the query string parameter service.
Request
curl -X POST '<baseURL>/b2b/corporate/auth/right/v2/hasPermission/corporate/?service=Mobile%20Subscriptions%20Administration%20API' \
-H 'Content-Type: application/json' \
-H 'X-Transaction-Id: <unique-transaction-id>' \
-H 'Authorization: Bearer <access_token>' \
-d '{
"clientId": "XXXXXXXXXXXXXXXXXXXXXXXXXXX",
"userId": 1234567,
"password": "XXXXXXXXXXXX"
}'
Example response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3IiwiY2xpZW50SWQiOiJYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYIiwic2VydmljZSI6Ik1vYml
sZSBTdWJzY3JpcHRpb25zIEFkbWluaXN0cmF0aW9uIEFQSSIsImV4cCI6MTcxNjIzOTAyMn0.example-signature"
}
Use the returned JWT in subsequent API requests with the HTTP header Authorization: Bearer <access_token> and X-JWT: <jwt_token>.
The different APIs are available in the 'Choose API' menu option. All APIs are documented using OpenAPI format (see OpenAPI Initiative).
Example request:
curl --request get \
--url <baseURL>/b2b/mobile-admin/productCatalogManagement/v1/serviceRules \
--header 'accept: application/json' \
--header 'authorization: Bearer <access_token>' \
--header 'X-JWT: <jwt_token>' \
--header 'x-transaction-id: <unique-transaction-id>'
<access_token> and <X-JWT> are valid for 1 hour. After that we will return a 401 HTTP response, with the body explaining that the token has expired and a new one must be requested.