Get started

Information about how to start integrating with GS1 Sweden APIs.

Prerequisities

To get started using GS1 Sweden APIs you need to become a customer. Depending on the agreement type you will get access to different APIs. This is explained in detail here. In the Developer Portal you can familiarise yourself with the different APIs and their endpoints. Please note the base url for each environment below. GS1 Sweden is currently not using Azure API Management gateway. Integration should be developed with base urls listed below.

Base URLs and scopes

Integrating applications should use relevant base url, depending on environment. Every endpoint has a "Request for integration" url to use.

Production: https://services.validoo.se
Pre-prod: https://services-preprod.validoo.se

APIs and related scope to use.

Authentication

GS1 Sweden APIs uses OAuth token-based authentication. This means the client requests an access token with username and password for an API user and if credentials exist a token is issued. Refresh tokens are also supported. The structure of the request and response can be found here.

Tokens

Request token

The client requests an access token via the token_endpoint. The access token can expire, and the token response includes an expires_in property in seconds. The request should state the relevant scopes intended for use. After initial token request, a new token should only be requested when the old one is about to expire or use refresh tokens.

Refresh token

Request to get a refresh token by using the same token endpoint as when requesting a token. Include the string value of property refresh_token from the initial token response. A new access and refresh token will be issued. The refresh token can expire, and the refresh token response includes an expires_in property in seconds. Note that “offline_access” must have been included in the scope of the initial request for the refresh_token to be returned.

Using the token

The application must pass the retrieved access token as a Bearer token in the Authorization header when querying any public GS1 Sweden API.

Token endpoints

Token endpoints for pre-prod and prod are located on the Technical Integration page as a logged in user in MyGS1.

Implementation

When prerequisites are met, an implementation example can be found here.

API limitations

There is no specific limit to the number of API calls per day, however GS1 Sweden reserves the right to implement limits at any time without prior notice, and to restrict calls in our sole discretion. Please bundle your calls and space them out if possible.

Information retrieved from GS1 Sweden services must be stored locally. No information from GS1 Sweden services should be consumed directly by end product.