Skip to content
Apier
Apier.no landing page

Apier.no

Norwegian company intelligence, without the manual work

Data APIs tell agents about Norwegian companies. Apier lets agents act for them — with delegated authority, an audit trail, and Norwegian legal grounding.

One API for verification, signing authority, annual accounts, and compliance deadlines. Built on authoritative government sources — so your team or your software stops doing it by hand.

  • Audit trails
  • Delegated authority
  • Norwegian data residency
  • Production-ready

Built forAI agentsAccounting softwareInternal automationBusiness applications

Verify a company — live

Live lookups against the real Norwegian Company Register (Enhetsregisteret) for a few well-known companies — no API key, no signup.

Try a well-known company

Live lookup against the Norwegian Company Register (Enhetsregisteret) — no API key needed.
{
  "success": true,
  "data": {
    "entity_type": "AS",
    "obligations": [
      {
        "obligation_id": "mva-registration",
        "obligation_name": "Registrering i Merverdiavgiftsregisteret",
        "category": "registration",
        "frequency": "one-time",
        "required": "conditionally",
        "condition": "Selskapet må registreres i Merverdiavgiftsregisteret når avgiftspliktig omsetning overstiger 50 000 kr i en 12-månedersperiode.",
        "tier_2_required": true,
        "legal_reference": "Merverdiavgiftsloven § 2-1",
        "source_url": "https://lovdata.no/lov/2009-06-19-58/§2-1"
      },
      {
        "obligation_id": "skattemelding-annual",
        "obligation_name": "Skattemelding for aksjeselskap",
        "category": "tax",
        "frequency": "annual",
        "required": "always",
        "condition": null,
        "tier_2_required": false,
        "legal_reference": "Skatteforvaltningsloven § 8-2",
        "source_url": "https://lovdata.no/lov/2016-05-27-14/§8-2"
      }
    ],
    "notes": []
  },
  "_meta": {
    "rulebook_version": "1.0.0",
    "data_freshness": "2026-04-22T10:05:07.813Z",
    "last_verified": "2026-04-21T10:05:07.813Z",
    "source": "apier.no",
    "data_source": "Brønnøysund Enhetsregisteret + Apier Universal Rulebook",
    "legal_basis": "NLOD — public registry reuse",
    "schema_version": "1.0.0"
  }
}

Rulebook-influenced responses also carry _meta.served_from (live or cache) and _meta.cache_age_ms— so you always know whether an answer came from a live government call or Apier's verified cache layer.

Live sandbox

Run a real call before you sign up

Apier's public infrastructure endpoints are keyless. Paste the command below into any terminal and you get a real, normalised response — the official NOK exchange rate from Norges Bank, with Apier's trust _meta attached. No account, no API key, no card.

No signup required
curl -sS 'https://www.apier.no/api/v1/tools/exchange-rate?currency=EUR'
{
  "success": true,
  "data": {
    "base": "NOK",
    "quote": "EUR",
    "rate": 11.5034,
    "date": "2026-06-18",
    "requested_date": "2026-06-18",
    "source": "Norges Bank",
    "cached": false
  },
  "_meta": {
    "rulebook_version": "1.0.0",
    "data_freshness": "2026-06-18T00:00:00.000Z",
    "served_from": "live",
    "source": "apier.no",
    "schema_version": "1.0.0"
  }
}

Example response — the rate and date values refresh daily from Norges Bank, and _meta.served_from tells you whether an answer came from a live upstream call or Apier's verified cache layer. Browse the full keyless surface in the sandbox guide.

Architecture

One integration instead of five

Your software talks to a single Apier API. Apier owns the authentication, delegation, audit and compliance layer, and brokers every call to the Norwegian government systems behind it.

You

Your software

AI agent, accounting platform, or internal tool — one API key.

Apier · execution layer

  • AuthenticationMaskinporten token exchange
  • DelegationAltinn system users
  • Audit trailimmutable receipts
  • Compliancedeterministic state
  • Rulebookversioned legal rules

Norwegian government

  • Altinn 3filings & delegation
  • Brønnøysundcompany registry
  • Maskinportenmachine identity

Build directly vs Apier

What you own when you build it yourself

The Norwegian government APIs are free. The cost is the execution layer on top of them — and the one thing you cannot buy your way around: write-side accreditation.

  • Maskinporten JWT signing & token exchange

    Direct
    You build it
    Apier
    Included
  • Delegation handling

    Direct
    You build it
    Apier
    Included
  • Audit logging

    Direct
    You build it
    Apier
    Included
  • Regulatory change maintenance

    Direct
    Ongoing burden
    Apier
    Handled
  • Write-side accreditation (Altinn / Skatteetaten)

    Direct
    Requires Norwegian legal entity + accreditation
    Apier
    Already accredited

What Apier does

Three primitives that sit between the AI agent and every Norwegian-government endpoint it would otherwise need to integrate directly.

  • Authorization

    Apier holds and rotates the Maskinporten tokens your agent needs, scoped to the exact rights a customer has delegated. Your code asks for an action; Apier proves the caller is allowed to take it before anything reaches a government system.

  • Obligations

    Knowing which forms, deadlines, and filings apply to a given company is its own problem. Apier's Rulebook resolves the obligations that follow from a company's roles and registrations, so your agent works from a current answer instead of a hard-coded guess.

  • Action Translation

    One intent — "file this", "check that" — often spans several agencies, each with its own format. Apier turns a single call into the correct ordered sequence of government requests and returns one structured result your agent can act on, with each step recorded.

How it works

Four steps. Each one is a discrete API call the agent can reason about — no hidden state, no magic resolution.

  1. Step 01

    Agent asks: can I act?

    The agent sends a company org_number and intent to Apier. A single call returns the effective delegation scope plus every obligation that applies — with versioned legal citations the agent can surface to its caller.

  2. Step 02

    Apier composes the real request

    Given an authorized intent, Apier translates it into the concrete Altinn / Skatteetaten / Brønnøysund call and returns a dry-run receipt describing exactly what will happen — who, what, when, on whose authority. Delegation writes already accept an Idempotency-Key; other write endpoints inherit the same contract as the idempotency middleware lands across the surface.

  3. Step 03Handover

    Human-agent handover

    When the action crosses a threshold (signing, thresholds above NOK limits, missing delegations), Apier issues an Approval Token and a Norwegian-language explanation of what the human must do, where, and why. The agent stops here until the token is used.

  4. Step 04

    Apier validates, audits, replays

    On approval, Apier composes and validates the request, logs the full exchange to an append-only audit trail, and returns a receipt. Today that runs in sandbox and dry-run — it validates without submitting to a live government system; live binding submission is gated, pending Maskinporten production validation and Altinn scope approval, and runs the same audited path. On endpoints that carry an Idempotency-Key, the same key always returns the same receipt — never a duplicate submission.

Why not integrate directly

The Norwegian government APIs are free. The integration cost is not.

  • Authorization complexity

    Maskinporten, system users, and per-scope delegation are a multi-step setup before your first successful call — and the tokens expire. Doing it yourself means owning that ceremony, and its failure modes, for every customer you onboard.

  • Missing obligation logic

    The APIs return data, not answers. They won't tell you which filings a company owes, or when. That mapping lives in regulation, changes over time, and is yours to build and keep current if you wire up the endpoints directly.

  • No execution safety

    A raw integration will happily fire a malformed or duplicate filing. There's no dry-run, no idempotency, and no record of what an agent actually did — exactly what you need when it's acting on a client's behalf.

Skip the boilerplate

Your agent calls one tool. We handle Maskinporten, Altinn, token refresh, scope resolution, and error mapping.

The Direct Way

Direct Maskinporten + Altinn integration

// Just to make ONE authenticated Norwegian gov API call:
// Maskinporten JWT, token exchange, Altinn fetch, error
// handling. Obligation logic needs several of these, plus
// your own rule engine to interpret the results.
import jwt from "jsonwebtoken";

// 1. Sign a client-assertion JWT (RS256) with your key.
const assertion = jwt.sign(claims, "<your-private-key>", {
  algorithm: "RS256",
});

// 2. Exchange it for a Maskinporten access token.
const tokenRes = await fetch(MASKINPORTEN_TOKEN_ENDPOINT, {
  method: "POST",
  headers: { "Content-Type": "application/x-www-form-urlencoded" },
  body: new URLSearchParams({
    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
    assertion,
  }),
});
if (!tokenRes.ok) {
  // ...retry, token refresh, scope-mismatch mapping
}
const { access_token } = await tokenRes.json();

// 3. Call Altinn, then normalise the response yourself.
const altinnRes = await fetch(ALTINN_AUTHORIZATION_URL, {
  headers: { Authorization: "Bearer " + access_token },
});
// ...parse roles, map scopes, handle 401/403/429, refresh.

The Apier MCP Way

One tool call via @apier-no/mcp

// One tool call. Apier handles Maskinporten, Altinn,
// token refresh, scope resolution, and error mapping —
// then returns the structured obligation set.
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": {
    "name": "get_company_obligations",
    "arguments": { "org_number": "999999999" }
  },
  "id": 1
}

Execution guarantees

The contract every agent runtime gets when it talks to Apier. Six promises, each one enforceable with a single test.

DeterminismSame input, same Rulebook version, same output.
The same request produces the same cross-agency plan every time. No hidden model in the path deciding what to do — the sequence is derived from rules you can read.
IdempotencyAn Idempotency-Key makes a delegation write safe to retry.
Send the same request twice with the same idempotency key and the second call returns the first result instead of acting again, so a retry after a timeout can't write twice.
Dry-runSee the exact call before it happens.
Preview the exact government requests a call would make, and what they'd return, without submitting anything — so you can test an agent's behaviour before it touches a live registry.
Audit trailAppend-only, consumer-scoped, immutable.
Every action writes an append-only record: who acted, in what capacity, what was sent, and what came back. The log can be added to, never edited or deleted.
Approval TokenA human gate for every threshold action.
Actions that need a human in the loop can be gated behind a single-use approval token, so an agent prepares a filing and a person authorises it before anything is sent.
ResilienceTimeouts, bounded retries, and rate limits contain failure.
Calls run behind timeouts and bounded retries, and an agent that misbehaves can be rate-limited before it burns through a customer's tokens — so one bad client doesn't degrade the rest.
Accountability

Built for accountability, not just access.

When an AI agent acts on your behalf inside a government system, the question from finance and compliance is the hard one: how do you prove what it did? Apier was built so that question has a clean answer. Every call an agent makes through the platform is recorded the moment it happens — not reconstructed afterwards from scattered logs, but written as it runs. Each record captures the request that went out, the agency it reached, and the response that came back, tied to the identity and the delegated capacity the agent was acting under. The point isn't to collect data for its own sake. It's that when someone asks who filed this, under whose authority, and on what date, the platform can show them, line by line, instead of asking you to take it on trust. That record exists from the first call — which matters, because a history of who did what can't be backfilled credibly once it's the thing you need.

That record is tamper-evident by design. The audit log is append-only: entries can be added but never quietly edited or deleted, enforced at the database level rather than left to application code that could be bypassed. Alongside each action, Apier keeps the inputs the decision was based on — the company's state and the rules in force at that moment — so a filing can be explained in the terms that applied when it was made, not the terms that happen to apply today. When a live, gated submission returns a receipt or confirmation from a government system, that raw response is stored too. For a compliance officer, that's the difference between a system that says it did the right thing and one that can hand you the evidence — the snapshot, the rule version, and the agency's own acknowledgement — when an auditor or a client asks.

Accountability also means an agent can't quietly do damage. Before anything is submitted, a call can be run as a dry-run that shows exactly what it would send. Actions that warrant a human decision can be held behind an approval step, so automation prepares the work and a named person releases it. And because requests are idempotency-protected, a retry after a network hiccup returns the original result rather than filing a second time — the kind of silent duplicate that's painful to unwind. None of this slows your team down day to day; it's the quiet machinery that lets you hand work to an agent and still answer for every action it takes, months later, in front of whoever is asking.

Who Apier is for

  • AI agent developers

    Claude, Cursor, Devin, custom agents — anyone writing an autonomous loop that has to reason about Norwegian regulatory compliance.

  • Accounting software

    Tripletex, Fiken, PowerOffice, and every next-gen entrant that wants compliance-as-an-API instead of compliance-as-a-plugin-registry.

  • Regnskapsbyrå

    Accounting firms whose juniors spend 30% of their time on the mechanical parts of filings — the parts that Apier makes deterministic and one-call.

  • Operations teams inside AS / NUF

    In-house platforms building internal agents that need to know what's due, what's authorized, and what was already submitted.

Why Apier.no exists

Sovereign friction is real and Norway should win from it.

Altinn, Brønnøysund, and Skatteetaten are world-class public infrastructure. But AI agents can't reason about Norwegian delegation rules, compliance deadlines, or entity obligations — because nobody has translated them into a machine-readable layer. That's the gap Apier.no fills. Apier.no translates Norwegian regulatory reality into structured API responses any agent can act on.

Built for audits, not demos

Full trust + transparency page →
  • EU data residency

    Database: Stockholm, live. Compute: Vercel EU edge today; full-EU backend before real company data flows.

  • Open audit trail

    Every Rulebook evaluation and every write action is recorded in an append-only audit log, scoped to the consumer that made the call. The schema is public; operators can introspect what they're signing up for before they sign.

  • Versioned Rulebook

    Every rule is stored as data, not code, and ships with a `_meta.rulebook_version`. A rule change is a DB operation, not a release — and a lovdata.no-source-change alert loop watches for the upstream regulatory drift that would invalidate it.

Pricing preview

Planned pricing — takes effect when the API exits beta. Today every tier is free; keys are still required on Category B endpoints for rate limiting and audit attribution.

Full pricing →
TierPriceIncludes
Developer / FreeNOK 0/month100 API calls / month for evaluation. Free public endpoints stay outside the quota.
StarterNOK 499/month5,000 API calls / month. Full API access including the Auth Gateway, plus email support.
ProfessionalNOK 1,999/month25,000 API calls / month with higher concurrency and priority support.
EnterpriseNOK 9,999/monthUnlimited calls with SLA, dedicated support, and custom sector rules.

Get started

Hit the live API from your terminal — no key, no account. When you're ready, sign up for a free key in seconds.

curl -sS 'https://www.apier.no/api/v1/tools/altinn-migration' | jq .