In production, API features dealing with BankID and Swish require authentic passphrase protected SSL certificates.
However, in the test environment certificates are not used and are merely there to simulate production like requirements.
You may selfsign or use these in our test environment:
BankID
This is a guide on how to create and activate a production BankID certificate with Billecta.
This type of BankID certificate is referred to as a "relaying party certificate" or, in Swedish, something like "BankID förlitande part".
Either you do most of the steps in the guide yourself, or Billecta may do it for you.
Prerequisites
- You must have signed a BankID agreement with your organization's bank, regardless.
Assisted scenario
Billecta offers to handle the certificate generation and configuring the addon in case you are not able to do it yourself.
For this, Billecta will charge two hours work. Contact for more information.
Do it yourself scenario
Backend
Request a certificate
Your certificate is ordered from the bank you have the agreement about our services with. The steps are:
- Create the request with BankID Keygen.
- Send the request to the bank.
- Receive the issued certificate from the bank.
BankID Keygen
To run the BankID Keygen software you need to start a command prompt or terminal application for your operating system (Windows, Mac OS or Linux respectively).
You don’t need to install anything to run this application.
Details:
File Name: keygen-2-3-3.zip
File Size: 8.2 MB
Date Published: 11/6/2024
SHA256SUM: 4c540855733062be5f1bf34bb17567f013ec7fbf5e32c0abb820bf94fd8f034f
Unpack BankID Keygen
Unpack the downloaded zip file with BankID Keygen in your preferred folder. BankID Keygen requires no installation and can be run from e.g. a USB flash drive.
Create request
If you haven't already done so, start by unpacking the downloaded zip file with BankID Keygen in your preferred folder.
Windows
From the command prompt, navigate to where you saved the BankID Keygen (`keygen-windows.exe`) and start the program.
Enter information
When you start the Keygen program you will see the Keygen welcome screen:

To generate a CSR, select '1' on the welcome screen and press 'Enter'. The following information is required in the CSR process:
-
Official name of your organisation
This should be your organisation’s registered company name (max 64 characters).
-
Corporate identity number of your organisation
Enter your company’s corporate registration number according to Bolagsverket or equivalent without hyphens or spaces (10 digits).
-
Password to protect your private key
This is your password to protect your private key that will be generated. It must be at least 12 characters long and contain four letters and one digit.
You will have to use this password later in the process when creating your PKCS#12.
It's very important that you remember this password as it can't be restored!
Display name
This will be shown to the user when they identify themselves or sign to your services. Enter the name to be displayed (max 40 characters) according to the instructions from your bank.
The display name is usually the organization's registered company name or the name commonly used for the organization /e-service, e.g. a registered trademark.
Before the certificate request is created you will have the option of verifying the information. If all looks good, press Y and enter to create the certificate request.
Private key file
The application will suggest a filename for Private Key file. If you accept it the file will be saved in the working directory.
If you want to save it in another place you can manually type the path and file name. Make sure the file extension is still .key.
Certificate request file
The application will suggest a filename for CSR file. If you accept it, the file will be saved in the working directory.
If you want to save it in another place you can manually type the path and file name. Make sure it's still .p10. This is the file you need to send to the bank in order to get your certificate.
The CSR-generation is finished and you can ensure your request is created and saved on the disc:

Send request
You should now send the certificate request that you have just created (example CSR_Ericsson_20200323.p10) to the bank with which you have signed the agreement on the use of the BankID service.
This shall be done according to the instructions from the bank. You should receive the recipient and delivery information from the bank.
Create the PKCS#12/PFX file
Once you've received the issued certificate from the bank it's time to create a bundle containing the private key and the certificate. This will be used from your application in communication with our service. The bundle is often referred to as a PKCS#12, P12 or PFX file.
Windows
From a command prompt, navigate to where you saved BankID Keygen (keygen.exe) and then run the command keygen.exe.

Start a terminal and navigate to where you saved BankID Keygen and then type './keygen'. This will start the welcome screen of BankID Keygen.
Steps to Generate PKCS#12/PFX
- On the welcome screen, select option 3: "Generate PKCS#12 / PFX".
- BankID Keygen will display a numbered list of all files with the .key extension in the working directory. Select the number corresponding to the private key you want to use and press "Enter". If there is only one key in the directory, the number will be 1.
- Enter the password for the private key when prompted. This is the password you created when you generated the CSR file. Press "Enter".
- Select the certificate you received from the bank. If it is saved in the working directory, it will appear in a numbered list; otherwise, you need to enter the file path manually.
- Finally, enter the path where you want to save the PKCS#12 file. Press "Enter" to save it in the working directory with the default filename, or manually enter a new filename and pat.
Upload the certificate file to the Billecta portal
- Go to addons (sv: tillägg).
- Click the pencil () in the mobile BankID addon.
- Select your certificate file and enter your previous decided passphrase.
Verify (optional)
Wait about one minute before pressing the button to verify your certificate.
if there are any problems, do not hesitate to contact Billecta and we will assist you.
Use cases
This page and the subsections below describe specific workflows and usages of Billecta API features.
Basic invoicing
This section will describe the most basic operation of sending an invoice using the Billecta API, and it's associated bare necessities.
In order to send and invoice, you need to create products which will go onto the records of the invoice. You also need to create debtors, meaning the recipients of invoices.
-
Create debtor
Call POST /v1/debtors/debtor
with a DebtorView body.
Take note of the id in the CreatedView response.
Debtors are the recipients of invoices, meaning they are the end customers. There is also a plural POST to create several at a time, and a PUT which would update a preexisting entry. Alternatively, you could create the debtors in the portal if you are always invoicing the same small set of customers.
-
Create product
Call POST /v1/products/product
with a ProductView body.
Take note of the id in the CreatedView response.
Product go onto the invoice records. If you are selling furniture, a sofa may be a product. As with debtors, there's also a plural POST to create several at a time, and a PUT (create/update). Alternatively, you could also create products in the portal using your web browser - in case you're going to keep re-using the same small set of already defined products.
-
Create invoice
Call POST /v1/invoice/action
with an InvoiceActionEntryView body.
Take note of the id in the CreatedView response.
-
Attest the invoice
Call PUT /v1/invoice/attest/{id}
with the id returned in the previous step.
This will deliver the invoice, provided a means of distibution has been set.
That's it — as the most basic invoicing use case. Certainly creating and attesting an invoice could also be done in the portal, but if you're an API user you should get familiar with these fundamenal steps through the API.
If you are on a Microsoft .NET platform, we recommend you to try our SDK, which encapsulates the actual requests described here into methods of our .NET NuGet library.
Get bank accounts
The Billecta API has the feature to retrieve bank account numbers for private persons (no support for companies yet and not available in the Billecta portal). Supported banks are defined in the
API reference. By specifying a Swedish person number (12 digits) and a bank code the Billecta system may extract the IBAN, clearing code and account numbers from the person's bank.
This is mostly useful in the autogiro approval flow but also for other cases.
The flow for getting bank accounts
User mobile/browser |
Your system |
Billecta API |
1. Your user in your system wants to extract their account number. |
2. Your application makes a request to initiate retrieval of bank account numbers in the Billecta API at endpoint /bank/accounts/[...].
|
3. The Billecta API initiates a mobile BankID authentication to the selected bank and returns a PublicId to reference the initiated request.
|
5.1 The user opens the app and authenticates themself. |
4. Your system receives the PublicId to the initiated requests and instructs the user to open their mobile BankID app (or automatically open their mobile BankID app). Information on how to open BankID app on cell phone is covered in the following link.
|
5.2 While the user authenticates themself your application polls the Billecta API (each second is sufficient) by making a request to Get bank account numbers in Billecta API. Use the PublicId received when initiating the account number retrieval.
|
5.3 The Billecta API checks status of authentication and if accounts have been retrieved.
- If authenticated and accounts retreived: The response will be a BankAccountRequestView with status Success.
- If not authenticated yet (might take some time): The response will be a BankAccountRequestView with status Waiting. Poll again according to 5.2 after 1 second.
- If aborted or other error: The response will be a BankAccountRequestView with status Failed.
While polling, you may each time check BankAccountRequestView.QR to see if there is a QR code image to display for the user, and present it to the user if you so wish.
|
7. User selected one of the accounts.
|
6. When receiving BankAccountRequestView a response with status Success, present the found accounts to the user.
|
This means that you first initiate a 'retrieval job' that will get the process going in the background. Then we wait for the users (can take some time). Meanwhile you continuously check the status if the
customer has authenticated themselves and if the 'retrieval job' is completed. Once the 'retrieval job' you will get all data collected.
Note that the information is only stored at most 24 hours before the collected data is removed in accordance to GDPR.
BankID authentication/sign
Authentication and sign with mobile BankID are supported as a standalone feature in Billecta API. Detailed information about
each call can be found at API reference. By specifying a Swedish person number (12 digits)
you can trigger an authentication or sign in your users mobile phones. This can be used for various purposes in your application.
Prerequisites to use the mobile BankID features are
- A creditor exists in Billecta Portal
- A mobile BankID certificate has been issued by your bank and uploaded in the Billecta Portal (see instructions)
A mobile BankID certificate must be issued by your bank. Please contact your bank if you don't have one already.
Once you have the mobile BankID certificate, convert it to .pfx certificate with a password (required for security reason) and upload it in Billecta. Sign in to Billecta Portal, open settings and press on Addons. Press on Add Addon and select Mobile BankID. Upload your certificate with your password and press save.
The flow for mobile authentication
The sign process is similiar, but to a different endpoint.
User mobile/browser |
Your system |
Billecta API |
|
1. Start by making a request to Create Mobile BankID authentication/sign request in Billecta API (see API reference).
|
2. Billecta API initiates a mobile BankID authentication with the bank and returns a BankIdAuthenticationStatusView containing a ReferenceToken.
|
4.1 User open app and authenticates him/her self. |
3. Your system receives the BankIdAuthenticationStatusView to the initiated requests and inform the customer to open their mobile BankID app (or automatically open their mobile BankID app). Information on how to open BankID app on cell phone is covered in the following link.
|
4.2 While user authenticates them self your application polls the Billecta API (each second is sufficient) by making a request to Get Mobile BankID authentication status in Billecta API. Use the ReferenceToken received when initiating the mobile BankID authentication.
|
4.3 Billecta API checks status of user authentication.
- If authenticated: The response will be a BankIdAuthenticationStatusView with status Complete.
- If not authenticated yet (might take som time): The response will be a BankIdAuthenticationStatusView with status Started or OutstandingTransaction. Poll again according to 4.2 after 1 second.
- If aborted or other error: The response will be a BankIdAuthenticationStatusView with status NoClient or Error.
|
7. User is authenticated or has signed.
|
6. When receiving BankIdAuthenticationStatusView a response with status Complete, present to the user that they are authenticated.
|
This means that you first initiate a 'authenticate job' that will get the process going in the background. Then we wait for the users (can take some time). Meanwhile you continuously check the status if the
customer has authenticated themselves and if the 'authenticate job' is completed. Once the 'authenticate job' you will get all data collected (IP-number, etc).
Note that the information is only stored at most 24 hours before the collected data is removed in accordance to GDPR.
Kivra
Kivra Setup
To get started, go to Addons under Settings in the app and enable the Kivra addon. Once Kivra has been enabled, the only remaining task is to update the delivery method for your debtor or select Kivra as the delivery method when creating an invoice through our API. After completing these steps, you're good to go.
Please note that, to send content through Kivra, the following requirements must be fulfilled:
- The debtor must have an active account with Kivra.
- The debtor must have a Swedish SSN.
- The debtor must not have opted out of receiving content from your company.
To check which of your debtors can receive content through Kivra, you can use our endpoint:
Check if debtor has enabled Kivra.
Kivra in Test
In our test environment, you can test your Kivra connection. The setup is identical to production. However, to add a user to Kivra in test, you can do any of the following:
-
If you have access to Test BankId, follow these steps:
Test Kivra's app with BankID.
-
Send an email to avsandare.support@kivra.com with the following information:
- Company name
- Company registration number
- Contact us, and we will provide you with an SSN that is active in Kivra's Sandbox environment.
Payments with Swish
To get started with allowing payments with Swish within your application the following configuration must be made and flow implemented. By integrating Swish in Billecta API
invoices will be automatically processed as paid and bookkept once payment is completed. Swish requires that a Swish certificated is issued by Swish (https://www.getswish.se/).
Instructions on how to retrieve a Swish certificate can be read at https://developer.getswish.se/. Please note that you are applying for 'Swish for Merchants'. Also contact your
Bank to activate required bank services and more information on how to get started.
Prerequisites to use the Swish features are
- A creditor exists in Billecta Portal
- A Swish certificate has been issued and uploaded in the Billecta Portal (see instructions)
The flow for Swish payments
User mobile/browser |
Your system |
Billecta API |
2. Present the Swish payment form for the user where they should have the possibility to specify their registered phone number for Swish payments.
|
1. Start by creating an invoice or retrieve the action public id of an existing invoice.
|
|
3. User enters phone number and presses 'Pay' (or other button to initiate the payment flow)
|
4. Your system makes a request to Create Swish payment request in Billecta API (see API reference) with the ActionPublicId and the users phone number.
|
5. Billecta API initiates a swish payment at Swish and returns a token/public id that identifies the initiated payment.
|
7.1. User opens the Swish app. The app is prepopulated with you company name and amount to pay.
|
6.1. Your system receives the token/public to the initiated request and inform the customer to open their Swish app (or automatically open it if user is on a cell phone).
|
7.2. User approves the payment. If user is on cell phone he/she switches app back to your website and waits for updated status. |
6.2. While user approves the payment your application polls Billecta API (each second is sufficient) by making a request to Get Swish payment status in Billecta API. Use the token/public id received when initiating the swish payment.
Your system receives the SwishPaymentStatusView to the payment request. If status is 'Created' then keep polling. All other states move down to step 8.
|
6.3. Billecta contacts Swish and checks status on payment request and returns a SwishPaymentStatusView.
|
9. Information about the payment status is shown
|
8. Payment has at this stage either been paid or cancelled depending on the status. If paid, the invoice is marked as paid and payment is registered automatically in Billecta API.
If cancelled then no payment has been made. User is informed about the payment status.
|
This means that you first initiate a 'payment job' that will get the process going in the background. Then we wait for the user to approve the payment in their app (can take some time).
Meanwhile you continuously check the status if the payment and if the 'payment job' is completed. Once the 'payment job' is completed then show the user the result.
Payments with Credit Cards
This documentation explains two scenarios for credit card payments using the Billecta API: Scenario 1, where the card is saved for future use, and Scenario 2, where the card is used for a one-time payment without saving.
Prerequisites to use the credit card payment features are:
- A debtor exists in the Billecta system with an associated public ID
- The credit card addon has been activated on the creditor in the Billecta portal
Scenario 1: Payments with Saved Credit Cards
User mobile/browser |
Your system |
Billecta API |
2. The user is presented with an option to save their card information for future payments.
|
1. Create an intent to add a credit card using the debtor's public ID.
|
|
3. The user is redirected to or presented with the AddWindowUrl to input their card details.
|
4. Your system makes a request to Create intent to add credit card in the Billecta API with the debtor's public ID, SuccessUrl, and FailureUrl.
|
5. Billecta API securely handles the card information through the AddWindowUrl. Upon success, it returns a public ID for the saved card.
|
7.1. User completes card information entry and confirms.
|
6.1. Your system monitors the status of the card-saving process through the returned public ID.
|
7.2. User is informed of the result (success or failure). |
6.2. If successful, your system creates a payment intent for the invoice using the saved card ID.
|
6.3. Billecta API processes the payment and updates the invoice status to paid.
|
9. Information about the payment status is shown to the user.
|
8. Payment has either been successfully completed or failed. The system informs the user of the result.
|
This flow involves saving a credit card securely for future payments. The process includes adding the card, confirming the action, and then initiating a payment against the saved card.
Scenario 2: Payments Without Saving Credit Cards
User mobile/browser |
Your system |
Billecta API |
2. The user selects an invoice to pay with a credit card.
|
1. Start by creating an invoice or retrieving the ActionPublicId of an existing invoice.
|
|
3. The user inputs credit card details and confirms the payment.
|
4. Your system makes a request to Create credit card payment intent in the Billecta API with the ActionPublicId, SuccessUrl, and FailureUrl.
|
5. Billecta API securely handles the payment information and initiates the payment process. A PaymentPublicId is returned.
|
7.1. User is notified of payment completion and the result.
|
6.1. Your system polls the API to check the payment status using the PaymentPublicId.
|
9. User views the payment result (success or failure).
|
8. Payment is finalized. If successful, the invoice is marked as paid in the Billecta API.
|
This flow is designed for one-time payments without saving the credit card.
E-invoice banks
The bank type is the receiving bank for e-invoices. Bank type is used for B2C and B2B.
These are the banks that exists in the system
Enum name |
Description |
OEB
|
Danske Bank
|
SEB
|
SEB
|
SHB
|
Handelsbanken
|
SKB
|
SkandiaBanken
|
FSPA
|
Swedbank och övriga Sparbanker
|
NB
|
Nordea
|
LFB
|
Länsförsäkringar
|
FINN
|
Sparbanken Finn
|
ICA
|
ICA Banken
|
SYD
|
Sparbanken Syd
|
DNB
|
DnB Nor
|
SBF
|
Swedbank (företag)
|
AAB
|
Ålandsbanken
|
DBF
|
Danske Bank (företag)
|
SEBF
|
SEB (företag)
|
SHBF
|
Handelsbanken (företag)
|
NBF
|
Nordea (företag)
|
FRX
|
Forex Bank
|
MARG
|
Marginalen Bank
|
Donor organizations with Autogiro
This is an implementation guide for donor a organization (sv: givarorganisation) basic setup with Autogiro.
In order to send and invoice, you need to create products which will go onto the records of the invoice. You also need to create debtors, meaning the recipients of invoices.
-
Create a product
One single product needs to be created in Billecta, to be used further on in all billing. Manually create the product in the portal. It is also possible to create products using the API if needed.
-
Collect donor information
Use a web form or equivalent to get the donor’s personal number, period (monthly, quarterly, yearly) and the recurring amount.
-
Collect an Autogiro approval
If there is no preexisting Autogiro approval for the donor, present the donor with information that they are asked to confirm a bank account for Autogiro withdrawals from your organization. Please see our guide for bank account lookups.
Documentation: Bank accounts
As this involves a BankId signing, this is regarded as a proper approval, provided you are giving clear information to the donor. Save the bank account and use it later when creating a contract invoice.
-
Create a debtor
Create a debtor. The debtor represents the donor.
Endpoint: POST /v1/debtors/debtor
Documentation: Create a debtor
Intro to lingo and concepts: Concepts
When creating a debtor, the DebtorView model is populated with Autogiro approval information along with all the other information on the person.
-
Create a contract invoice
A contract invoice is a container for recurring billing. In this API call, set AutogiroWithdrawalEnabled in the ContractInvoiceActionView, reference the debtor by DebtorPublicId, among other things.
Endpoint: POST /v1/contractinvoice/action
Documentation: Create a contract invoice