Getting started

The Dinero API is REST based, which is easy to work with and familiar to developers.

To use the API, you need to apply as a developer. We will send you a Client ID and a client secret, which you should use to authenticate yourself through the API.

If you want to use an API key on behalf of your account, you will also need to obtain the key for the organization. Please navigate to the API page in Dinero to generate the key. You need an active Dinero Pro subscription for the organization that you need to access. You can upgrade your subscription on the subscription page.

If the organization does not have an active Dinero Pro subscription, the request will be denied with HTTP 403 (Forbidden) and errorcode 48.

Base URL


Dinero uses VismaConnect which is based on OAuth2 and supports OpenIdConnect. This means that you use a token on every request to authorize yourself.


  1. Sign in at VismaConnect
  2. Create an application in Applications
  3. Apply for integration access to DineroPublicApi here
  4. Additional help is available at the Documentation

Authentication (deprecated)

Dinero uses token based authentication through OAuth2. This means that you use a token on every request to authorize yourself.

Your EncodedClientIdAndSecret and the target organizations API-key is used with the above endpoint, in exchange for a token, which you then append on every future requests.

You'll need a new token for each organization you want to access.

If your request was composed correctly, and your credentials were correct, the server will return an access_token in JSON format for you to use

Authentication endpoint

Example request

curl -X POST \ \
    -H 'authorization: Basic bXljbGllbnRpZDpYZlVXZzRrb1h0TFc5cjNFbGthTzYxQkw2Q2Y3S0Y2Y1NmR2c2ak1FODQ=' \
    -H 'content-type: application/x-www-form-urlencoded' \
    -d 'grant_type=password&scope=read%20write&username=yourApiKey&password=yourApiKey'
private static async Task<AuthorizationToken> Authenticate(Uri uri, string clientId, string clientSecret, string apiKey)
    using (var client = new HttpClient())
        var content = new FormUrlEncodedContent(new List<KeyValuePair<string, string>>
            new KeyValuePair("grant_type", "password"),
            new KeyValuePair("scope", "read write"),
            new KeyValuePair("username", apiKey),
            new KeyValuePair("password", apiKey),

        var request = new HttpRequestMessage
            RequestUri = uri,
            Method = HttpMethod.Post,
            Content = content,
            Headers =
                { "Authorization", string.Format("Basic {0}", Base64Encode($"{clientId}:{clientSecret}")) }

        var result = await client.SendAsync(request).ConfigureAwait(false);

        var response = await result.Content.ReadAsStringAsync().ConfigureAwait(false);

        return JsonConvert.DeserializeObject<AuthorizationToken>(response);

private static string Base64Encode(string plainText)
    var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);

    return Convert.ToBase64String(plainTextBytes);
const http = require("https");
const querystring = require('querystring');

const bodyParameters = querystring.stringify({
    'grant_type': 'password',
    'scope=': 'read write',
    'username': 'yourApiKey',
    'password' 'yourApiKey'

const options = {
  'method': 'POST',
  'hostname': '',
  'path': '/dineroapi/oauth/token',
  'headers': {
    'authorization': 'Basic bXljbGllbnRpZDpYZlVXZzRrb1h0TFc5cjNFbGthTzYxQkw2Q2Y3S0Y2Y1NmR2c2ak1FODQ=',
    'Content-Type': 'application/x-www-form-urlencoded',
    'Content-Length': bodyParameters.length

new Promise((resolve) => {

    var req = http.request(options, (res) => {
        const chunks = [];

        res.on("data", (chunk) => {

        res.on("end", function () {
            const body = Buffer.concat(chunks).toString();


}).then(tokenResponse => {

function authenticate(string $uri, string $clientId, string $clientSecret, string $apiKey) {
    $data = [
        'grant_type' => 'password',
        'scope' => 'read write',
        'username' => $apiKey,
        'password' => $apiKey,

    $encodedClientAndSecret = base64_encode($clientId . ":" . $clientSecret);

    $options = [
        'http' => [
            'header' => "Authorization: Basic $encodedClientAndSecret",
            'method'  => 'POST',
            'content' => http_build_query($data)

    $context  = stream_context_create($options);

    $resultPayload = file_get_contents($uri, false, $context);

    POST /dineroapi/oauth/token HTTP/1.1
    Authorization: Basic bXljbGllbnRpZDpYZlVXZzRrb1h0TFc5cjNFbGthTzYxQkw2Q2Y3S0Y2Y1NmR2c2ak1FODQ=
    Content-Type: application/x-www-form-urlencoded
    grant_type=password&scope=read write&username=yourApiKey&password=yourApiKey


public class AuthorizationToken
    [JsonProperty(PropertyName = "access_token")]
    public string AccessToken { get; set; }

    [JsonProperty(PropertyName = "refresh_token")]
    public string RefreshToken { get; set; }

    [JsonProperty(PropertyName = "expires_in")]
    public long Expires { get; set; }


ClientId and ClientSecret (deprecated)

You will receive your API credentials on email, when you have been approved as an API partner. If you have not yet applied you can do it here

Encoded ClientId and ClientSecret (deprecated)

Is your encoded ClientId and ClientSecret. To get the [encodedSecret] you need to base64 encoded your ClientSecret and ClientId seperated by ':', as shown here: [client_id]:[client_secret] .

API key

The API key of the organization you want to access in Dinero. This will have be provided by your customer/user of you integration. To genereate an API key, you need to be a Dinero-Pro user, as an API partner we can grant you Pro access on your test organization, just contact our support. For a guide how to create an API key, se here


"Organization" is the term we use for the users "Firma" in Dinero. If you need a test organization, here is a guide to how you can create one.

Organization id

The organization id of the organization you want to access in Dinero. This will have to be provided by your customer/user of you integration. Here is a guide to where you can find the organization id on a Dinero organization

Ledger items

Equal to the danish "kassekladde linje".

Error codes

Code Message Description
40 Not found The URI requested is invalid or the resource requested, such as a voucher, does not exists. Also returned when the requested format is not supported by the requested method
41 Unauthorized The user has insufficient permissions to perform the request on the given resource.
42 Validation Error A validation error occurred
43 Limit Exceeded An upper or lower limit was exceeded
44 Invalid format The format of the specified value is incorrect
45 Invalid request The request is invalid
46 Invalid filter format The format of the filters are incorrect
47 An accounting year was not found The organization has not created the requested accounting year
48 Not Pro Cannot access Pro features without a Pro subscription
49 Email rejected The email could not be send.
50 Error A server error occured. No more information about this error could be found.
51 EAN problems Could not send e-invoice.
52 No organization owner The organization don't have an owner.
53 No organization email The organization don't have an email.
54 Missing bank info The organization don't have any bank info.
55 No receiver email Invoice receiver don't have an email. Update the contact or supply and email with your request.
56 No EAN number Invoice receiver don't have an EAN number. Update the contact before trying to send an e-invoice.
57 Invalid EAN number Invoice receiver's EAN number is not valid.
58 Timestamp out of date The supplied timestamp is not the latest version of the entity. Get the latest version and try again.
59 Voucher not booked The voucher is not booked. The requested action requires the voucher to be booked.
60 No VAT number Organization don't have a VAT number
61 Invalid bank info The bank info is not valid.
62 E-invoice contact missing att. person The contact of an e-invoice must have an att. person.
63 No results The request gave no results.
64 No recepient email The request uses email, but the contact don't have an email.
65 Item is deleted You cannot make changes to a deleted item.
66 Ledger limit exceeded Your ledger has too many lines. There is a cap of 1000 lines per ledger.
67 File type not allowed File type not supported. Acceptable formats: JPEG, JPG, PNG, GIF, PDF
68 File type not present The file type was not found in the file name. Acceptable formats: JPEG, JPG, PNG, GIF, PDF
69 Must be MIME multi part content Must be MIME multi part content
70 Ledger items optimistic concurrency Multiple ledger item post request was send in a short time interval. Due to that we respect the order of the ledger items, this causes a concurrency issue. Ledger items for same organization should not be posted async.
71 Update concurrency error Update concurrency error
72 Duplicated entity error Duplicated entity error
73 Something went wrong while sending the email. Something went wrong while sending the email. The email might or might not have been sent.
74 Voucher not overdue. Pre-reminder mailout could not be send. The voucher is not overdue. The requested action requires the voucher to be overdue.
75 Date differs for same voucher number The date should be the same for items with the same voucher number.
76 FileGuid differs for same voucher number The FileGuid should be the same for items with the same voucher number.
77 Account does not exist The account does not exist for given account id.
78 Id differs for same voucher number The id should be the same for items with the same voucher number.
79 Invalid VAT number Organization don't have a valid VAT number
80 Can't claim free pro Can't claim free pro if already claimed or if already pro
81 Cannot create accounting year Cannot create accounting year
82 Dates not in single accounting year Cannot find a single accounting year from the dates. This means that the dates may be overlappin two accounting years
83 The specified end date is before the specified start date The specified end date is before the specified start date
84 The specified to and from dates spans too long time, you can at the most request 31 days at a time The specified to and from dates spans too long time, you can at the most request 31 days at a time
85 The tradeoffer cannot be edited when it is not in the draft status Tradeoffers cannot be edited when it has been accepected, rejected, or converted into an invoice
86 Deposit does not exist The deposit does not exist for given deposit account id.
87 Version differs for same voucher number The version should be the same for items with the same voucher number.
88 No booked reminder The voucher does not have a booked reminder. Reminder mailout could not be send.
89 Forbidden Can not access Total features without a Dinero Total License.


If you have any technical questions, please email us at


We love integrations. Do you have a software that just needs to be integrated with Dinero? Please submit your request below, and we will contact you soon.

Technical Review

Before you launch your integration, you are obligated to setup a technical review of your application.

This means that you need to have either a physical or digital meeting with the development team at Dinero to ensure, your use of the Dinero api is as performant as possible. Also the meeting is set up in order to ensure that any changes can be completed, before the integration is put into production

This technical interview is conducted to ensure optimal usage of the api and encourage for a close relation between Dinero and our integration partners.

If we recognize usage of your integration outside of the testing organization-id entered in the signup form, we reserve the right to disable the credentials, until the interview has been held. We will try to reach out before any such measures is applied.

We retain the opportunity to reject applications:

  • because of security issues,
  • the service is too close to our business,
  • other political reasons

Best practice

Be sure to read the entire documentation for the endpoints you are using, this will make sure that you have a complete overview of all the possibilities of the endpoint

Always check the status code
Make sure you understand the HTTP Status code specification, how we apply it here at Dinero, and what some of the common issues is with the specific statuscodes

StatusCode Http status meaning Common mistake
200 Ok Everything is fine
201 Created Everything is fine, and here is an empty body
400 Bad request This oftens occurs when the required fields are not supplied in the API call. E.g not having a contact on a Invoice when trying to book it, or not suppling the newest timestamp
401 Unauthorized Something is wrong with your token, often it has expired
403 Forbidden You do not have access to the requested resource. We also use this statuscode when the requested organization doesnt have a valid Pro subscription
429 Rate limited You have exceeded the maximum amount of calls for a given timeperiod, wait a couple of minutes and continue
500 Server error This means that something is wrong on our end, and if it doesn't resolve within a couple of days please reach out to us

Use ChangesSince
We often experience integration partners doing complete syncs, day after day.
This is not the correct way to use the API.

Instead of fetching everything, most of our list endpoints have a parameter called ChangesSince.
ChangesSince is a datetime parameter which ensures that everything that have been created or updated since the specified time will be returned.

Have a maximum retry policy
Always implement a maximum of retires, depending on the returned statuscode

E.g: if we return 400, check the error response and update your integration to include the correct data. We reserve the right to disable credentials if integrations misuse our API
E.g: if we return 500 for a range of requests, please pause these requests for some time before trying again

Try to limit your daily request count
You should always try to reduce the amount of daily requests to a minimum, we supply our API as a free to use service, we therefore require integrations to use it as efficient as possible.

Always make sure that you have read the entire documentation for a specific endpoint, we may meantion good solutions and how to use the endpoints correctly.


Filters are not available on all properties, so be sure to check the endpoints queryFilter URI parameter description to see which. If the endpoint do not contain a queryFilter URI parameter, then it does not support filtering.

Each filter command is built after the structure: [PropertyName] [Operator] '[Value]'

Be aware that the [Value] is not case sensitive. And remember the ' around it.

Each filter command should be separated with: ;

Name Types Operator Example
Equals string, int, bool eq Name eq ’John Doe’
Contains string contains Name contains ’John D’



Get methods that potentially has a very large output implements pagination. It can maximum return 1000 entries per page, if a higher pageSize is given an Exception with error code 43 is thrown. The pagination defaults to a pageSize of 100 entries, and returns the first page if left empty.

The pagination URI properties are listed below:

Name Description Type Additional information
page The 0-based page number integer Default value is 0
pageSize The maximum number of items to include in a page. Max 1000. integer Default value is 100. Max value is 1000.


There are no hard limit on the number of API requests per day but we enforce a fair use limit and requests will be rate-limited if too many calls are made within a short period of time. Rate limiting is considered on a per client_id basis.

If you hit the rate limit, this is the body of the HTTP 429 message that you will see: API calls quota exceeded! (...)

We constantly monitor the usage of our API to ensure that it is used as efficient as possible. If we detect that the API can be used more efficient or that the API resources are being exhausted by a single client integration and it is evaluated by Dinero to hurt the general service of the API to other customers, Dinero can decide to revoke the access for single clients. Dinero will always strive to solve such issues in dialog with the integrating partner before any counter measures are taken.

Posting image

An example of how a post call to our files service could look like:


POST[organization_id]/files/?fileName=sample-invoice.jpg HTTP/1.1
    Authorization: Bearer eyJ0eXAiOiJKV1QiLC....
    Accept: application/json
    Content-Type: multipart/form-data; boundary="-------abcdefg1234"
    Content-Length: 313036
    Expect: 100-continue
    Connection: Keep-Alive

    Content-Type: image/jpeg
    Content-Disposition: form-data; name=image; filename=sample-invoice.jpg; filename*=utf-8''sample-invoice.jpg