Apier.no · Sandbox
Fixtures reference
Every synthetic org, reserved error org, simulate_error token, query knob, and magic value the sandbox serves. This page is the human-readable mirror of the canonical machine-readable directory — and is generated from the same frozen constants, so the two can never drift.
Machine-readable source (zero-auth):
curl "https://apier.no/api/v1/sandbox/fixtures"New here? Start with the quick start for the sandbox walkthrough, then see going live when you are ready for real filings. The sandbox hub explains the two surfaces and the synthetic bearer.
Reserved test orgs
The orgs the eight non-public sandbox routes (and the write-side execute path) accept. Authenticate with Authorization: Bearer apier_sandbox_test_<uuid> or a real key.
| Org number | Name | Entity | Data tier | Obligations |
|---|---|---|---|---|
| 999000001 | Sandbox AS | AS | tier_1 | MVA_FILING_BIMONTHLY |
| 999000002 | Sandbox Enkeltpersonforetak | ENK | tier_1 | SKATTEMELDING_NAERINGSDRIVENDE |
| 999000003 | Sandbox Tier 2 AS | AS | tier_1_2 | MVA_FILING_BIMONTHLY, AARSREGNSKAP |
| 999000004 | Sandbox Forsinket AS | AS | tier_1 | MVA_FILING_BIMONTHLY |
| 999000005 | Sandbox Ren AS | AS | tier_1 | MVA_FILING_BIMONTHLY |
Realistic orgs
A MOD-11-valid corporate graph (818-series) for parsers that validate org numbers before sending. Full, partial, and minimal delegation shapes across the five fixtures.
| Org number | Name | Entity | Data tier |
|---|---|---|---|
| 818000006 | Fjellberg Regnskap AS | AS | tier_1_2 |
| 818111118 | Nordlys Bakeri | ENK | tier_1 |
| 818333331 | Vindheim Konsulent AS | AS | tier_1 |
| 818444443 | Solhøyden Eiendom AS | AS | tier_1_2 |
| 818555555 | Kari Holm Frisør | ENK | tier_1 |
Acting-capacity scenario orgs
Orgs that model a specific delegation/role shape for list_acting_capacity — active role, no roles, expired delegation, and an unrecognised-org placeholder.
| Org number | Scenario |
|---|---|
| 999111114 | active-dagl |
| 999222226 | no-roles |
| 999333338 | expired-delegation |
| 999444008 | sandbox-unknown-org |
Public sandbox org
The single org the zero-auth public mirror (/api/v1/sandbox/public/*) serves — no bearer needed. It is deliberately not served by the eight non-public routes; the two fixture pools are disjoint.
| Org number | Surface |
|---|---|
| 999999999 | Public mirror only — /api/v1/sandbox/public/* |
Reserved error orgs
URL-only error injection — hit any sandbox endpoint with one of these org numbers and you get the mapped error without a query param.
| Org number | error_code | HTTP |
|---|---|---|
| 999000901 | AUTH_MISSING_DELEGATION | 403 |
| 999000902 | AUTH_EXPIRED_TOKEN | 401 |
| 999000903 | VALIDATION_FAILED | 400 |
| 999000904 | SCOPE_MISSING | 403 |
?simulate_error= tokens
All eight tokens — four Apier-edge failures and four upstream-failure shapes (the latter ride a deterministic government-shaped upstream envelope so parsers practise the same defensive parsing they meet in production).
| Token | error_code | HTTP | Meaning |
|---|---|---|---|
| missing_delegation | AUTH_MISSING_DELEGATION | 403 | Authenticated, but the company has not delegated the required Altinn scope. |
| invalid_token | AUTH_EXPIRED_TOKEN | 401 | Token-level auth failure — re-authenticate. |
| validation_error | VALIDATION_FAILED | 400 | Request shape rejected at Apier's edge. |
| scope_missing | SCOPE_MISSING | 403 | Authenticated, but the API key lacks the required scope. |
| altinn_timeout | EXECUTION_DEADLINE_EXCEEDED | 504 | Altinn did not respond within the timeout window; the response carries an upstream envelope. |
| invalid_certificate | MASKINPORTEN_AUTH_FAILED | 502 | Maskinporten refused the JWS assertion; the response carries an upstream envelope. |
| malformed_payload | GOVERNMENT_VALIDATION_REJECTED | 422 | Payload reached the government API and was rejected on content; carries an upstream envelope. |
| upstream_5xx | GOVERNMENT_UNAVAILABLE | 502 | Generic upstream 5xx — the request did not commit; safe to retry with the same Idempotency-Key. |
Query knobs
Deterministic levers every sandbox surface honours.
| Parameter | Format | Notes |
|---|---|---|
| simulate_latency | integer ms, 0–30000 | Pause the response by N ms; above the cap returns 400. |
| mock_date | YYYY-MM-DD (Europe/Oslo) | Pin the sandbox "now" to a wall-clock date for deadline and late-filing rehearsal. |
Magic VAT values
On a live sandbox mva_melding execute, the payload content forces a deterministic filing outcome — exercising the decision path the way real data would. a_melding always takes the plain accepted path.
| Field | Value | Outcome | HTTP |
|---|---|---|---|
| total_revenue_nok | 0 | Edge rejection — VALIDATION_FAILED (a declared MVA-melding cannot report zero revenue) | 400 |
| total_revenue_nok | 99999999 | Government rejection — GOVERNMENT_VALIDATION_REJECTED, with a Skatteetaten-shaped TOTALS_DO_NOT_RECONCILE upstream envelope | 422 |
| period | YYYY-MMbefore sandbox "now" | Accepted but flagged filed_late: true | 200 |
| * | any other consistent payload | Accepted — deterministic mock receipt (nothing is submitted) | 200 |
Execute action types
The action types the sandbox write-side accepts. Append ?dry_run=true to POST /api/v1/sandbox/actions/execute for the five prerequisite checks plus a would_be_payload preview — nothing is submitted.
- mva_melding
- a_melding