What is the difference between calling Brønnøysund directly and going through Apier?

Brønnøysund returns raw company-registry rows — NACE codes, signaturrett, prokura, dissolved status. Apier returns the same data plus the cross-agency obligation verdict: who must file MVA bimonthly, who needs an auditor by year-end, whose delegation expires in 30 days. Apier sits at the layer where regulatory state from Brønnøysund + Skatteetaten + NAV + Altinn 3 is reconciled into a single context an agent can plan against. If you only need Tier 1 registry data, calling Brønnøysund directly is free and reasonable. If your agent needs to act on that data — file, delegate, validate — the integration cost flips toward Apier.

Does Apier work with the Model Context Protocol (MCP)?

Yes. The @apier-no/mcp npm package is live as of 2026-05-13. Drop it into any MCP-compatible client (Claude Desktop, Cursor, custom harnesses) via npx and your agent gets the Apier tool surface — get_company_summary, get_company_obligations, get_company_deadlines, list_acting_capacity, check_authorization, validate_action, explain_compliance_error — over the standard JSON-RPC protocol. Same tools the REST surface exposes, no separate integration.

Can my agent file taxes or submit MVA on behalf of a Norwegian company?

Dry-run validation: yes, today, via POST /api/v1/actions/execute?dry_run=true (mva_melding and a_melding). Live submission: mva_melding is live-wired against the Altinn 3 submitter with Maskinporten production approval gating the actual upstream call; a_melding live submission lights up when the NAV integration completes. Every action requires a single-use approval token (auth.approval_token) plus an active Altinn System User delegation for the org. Live submission emits an HMAC-signed receipt envelope you can persist for audit.

What happens on June 19, 2026 when Altinn 2 shuts down?

DigDir is decommissioning Altinn 2 on 19 June 2026. Every agent integration still pointed at Altinn 2 endpoints stops working that day. Apier already integrates with Altinn 3 and exposes the Altinn 2 → Altinn 3 access-package mapping as a public lookup at /api/v1/tools/altinn-migration. The migration use case page at /use-cases/altinn-migration covers the deadline, the mapping logic, and what changes in the delegation model.

Do I need separate Maskinporten credentials for each customer?

No. Apier brokers Maskinporten centrally. Your product authenticates with Apier using one Bearer API key; per-customer authority comes from the Altinn System User delegation that customer grants your account. Each customer's delegation scopes which APIs your agent can call on their behalf; Apier resolves the right Maskinporten token at request time and never returns the raw OAuth token to your code. One enterprise certificate, one Maskinporten client, N customer delegations — managed at the gateway layer.

How is Apier different from a country-specific government API wrapper?

Wrappers expose endpoints. Apier exposes verdicts. A wrapper around the Brønnøysund API returns the company row; an agent has to know which fields combine with which Skatteetaten / NAV / Altinn signals to answer 'does this company need an auditor by year-end?'. Apier ships that logic as the Universal Rulebook — versioned regulatory rules with legal citations (Aksjeloven, MVA-forskriften, A-opplysningsloven, etc.) — so the agent gets the verdict directly. Same shape for deadline math (Europe/Oslo + DST-aware) and the Compliance Explainer (Norwegian-bokmål error envelopes). The wrappers are inputs; Apier is the layer above.

Use case

Norwegian compliance infrastructure for AI agents

Maskinporten, Altinn 3, and Brønnøysund — without your agent building the integration.

Apier is a developer-facing API for AI agents touching Norwegian regulatory infrastructure. Not an end-user tool.

Sovereign Friction is the moat your agent does not want to rebuild

Norwegian regulatory infrastructure is a six-to-twelve-month integration that changes every quarter. The pieces an agent must either solve or skip:

Authority chains. Signaturrett, prokura, daglig leder, board members, Altinn System User delegation scopes — who is legally allowed to act for a given organisation, and which subset of actions they can authorise. The mapping is non-obvious (prokura covers commercial signing but not tax submission; signaturrett may be joint-only) and the rules are codified across Brønnøysund, Aksjeloven, and Altinn's delegation model.
Maskinporten credential lifecycle. Virksomhetssertifikat from Buypass or Commfides → Samarbeidsportalen onboarding → Maskinporten client + RSA keypair → Altinn System Register entry → per-customer System User delegation. Six portals, four agencies, expiry / rotation cycles, separate live vs test environments. Every customer multiplies the delegation step.
Quarterly rule drift. MVA-forskriften, Skatteforvaltningsloven, Aksjeloven, and A-opplysningsloven update on Stortinget cycle; thresholds (27 MNOK auditor trigger, 50 ansatte ledelse / verneombud, MVA-fritak), filing cadence (bimonthly vs yearly MVA terminer), and entity-type nuances (AS vs ENK vs NUF) all shift. Agents that hard-code the rules go stale silently.

What Apier provides — nine infrastructure components

Each component is consumable as REST, as MCP, or as both. Agents pick the surface that fits the harness; the verdicts are the same shape across surfaces.

Auth Gateway. Maskinporten JWT client-assertion + token caching + Altinn 3 System User delegation flow. One Bearer API key per consumer; raw OAuth tokens never leave the gateway.
Registry Engine. Canonical company state reconciled across Brønnøysund (Tier 1) + Skatteetaten (MVA-register, MVA-meldinger, skatteoppgjør) + NAV (Aa-registeret aggregates) + Altinn (delegations).
Universal Rulebook. Versioned regulatory rules with legal_reference citations (Aksjeloven § 7-6, MVA-forskriften, A-opplysningsloven § 3, Bokføringsloven § 13). Deterministic evaluation; same input + rulebook_version produces byte-identical output.
Deadline Engine. MVA terminer, A-melding cadence, skattemelding, årsregnskap, revisor-threshold checkpoints — calendar math in Europe/Oslo with full DST-awareness, weekend / holiday adjustments built in.
MCP Server. Every tool above exposed over the Model Context Protocol at /api/mcp. Live as @apier-no/mcp on npm — see the snippet below. Same auth, same scopes, same determinism contract.
Intent-to-Action Parser. Natural-language action requests resolved into structured dry-run + live submission pipelines (mva_melding, a_melding, skattemelding). Validation gates run before any upstream call; live submission requires a one-time approval token.
AI-Agent Discovery. llms.txt, llms-full.txt, workflows.json, /api/v1/capabilities, /.well-known/mcp.json, /.well-known/ai-plugin.json — every machine discovery surface populated and stable.
Compliance Explainer. Every Apier error_code resolves to a Norwegian-bokmål Explanation envelope (summary / why / fix_steps / legal_basis / handover) via POST /api/v1/explain. Closed catalogue of compliance error codes; deterministic per (error_code, context).
Sector Rules. Industry-specific obligation overlays (regnskapsbyrå statsautorisasjon, fiskeri salgslagsgebyr, bygg HMS-kort, kraftleverandør NVE-rapportering) layered on top of the universal rulebook for NACE-coded entities.

MCP server, live on npm

@apier-no/mcp shipped to npm on 2026-05-13. Drop it into any MCP-compatible client config and the Apier tool surface lights up — no separate integration.

Claude Desktop / Cursor config

{
  "mcpServers": {
    "apier": {
      "command": "npx",
      "args": ["-y", "@apier-no/mcp"],
      "env": { "APIER_API_KEY": "apier_live_<your_key>" }
    }
  }
}

Source + issues: github.com/PowerLaunch/apier-mcp. Package page: npmjs.com/package/@apier-no/mcp.

What a call looks like

Two paths to the same verdict — the REST surface for any HTTP client, the MCP surface for any agent harness.

REST — curl against the obligations endpoint

curl -H "Authorization: Bearer apier_live_<your_key>" \
  "https://www.apier.no/api/v1/company/991825827/obligations"

No-auth dry-run against synthetic data: curl https://www.apier.no/api/v1/sandbox/public/company/999999999/obligations.

MCP — tools/call from any MCP-compatible harness

// Agent harness (Claude Desktop, Cursor, custom) calls the
// get_company_obligations tool over MCP JSON-RPC. Apier's MCP
// server resolves it against the live Rulebook and returns the
// structured obligation set.
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": {
    "name": "get_company_obligations",
    "arguments": { "org_number": "991825827" }
  },
  "id": 1
}

FAQ

What is the difference between calling Brønnøysund directly and going through Apier?: Brønnøysund returns raw company-registry rows — NACE codes, signaturrett, prokura, dissolved status. Apier returns the same data plus the cross-agency obligation verdict: who must file MVA bimonthly, who needs an auditor by year-end, whose delegation expires in 30 days. Apier sits at the layer where regulatory state from Brønnøysund + Skatteetaten + NAV + Altinn 3 is reconciled into a single context an agent can plan against. If you only need Tier 1 registry data, calling Brønnøysund directly is free and reasonable. If your agent needs to act on that data — file, delegate, validate — the integration cost flips toward Apier.
Does Apier work with the Model Context Protocol (MCP)?: Yes. The @apier-no/mcp npm package is live as of 2026-05-13. Drop it into any MCP-compatible client (Claude Desktop, Cursor, custom harnesses) via npx and your agent gets the Apier tool surface — get_company_summary, get_company_obligations, get_company_deadlines, list_acting_capacity, check_authorization, validate_action, explain_compliance_error — over the standard JSON-RPC protocol. Same tools the REST surface exposes, no separate integration.
Can my agent file taxes or submit MVA on behalf of a Norwegian company?: Dry-run validation: yes, today, via POST /api/v1/actions/execute?dry_run=true (mva_melding and a_melding). Live submission: mva_melding is live-wired against the Altinn 3 submitter with Maskinporten production approval gating the actual upstream call; a_melding live submission lights up when the NAV integration completes. Every action requires a single-use approval token (auth.approval_token) plus an active Altinn System User delegation for the org. Live submission emits an HMAC-signed receipt envelope you can persist for audit.
What happens on June 19, 2026 when Altinn 2 shuts down?: DigDir is decommissioning Altinn 2 on 19 June 2026. Every agent integration still pointed at Altinn 2 endpoints stops working that day. Apier already integrates with Altinn 3 and exposes the Altinn 2 → Altinn 3 access-package mapping as a public lookup at /api/v1/tools/altinn-migration. See the migration use-case page for the deadline, the mapping logic, and what changes in the delegation model.
Do I need separate Maskinporten credentials for each customer?: No. Apier brokers Maskinporten centrally. Your product authenticates with Apier using one Bearer API key; per-customer authority comes from the Altinn System User delegation that customer grants your account. Each customer's delegation scopes which APIs your agent can call on their behalf; Apier resolves the right Maskinporten token at request time and never returns the raw OAuth token to your code. One enterprise certificate, one Maskinporten client, N customer delegations — managed at the gateway layer.
How is Apier different from a country-specific government API wrapper?: Wrappers expose endpoints. Apier exposes verdicts. A wrapper around the Brønnøysund API returns the company row; an agent has to know which fields combine with which Skatteetaten / NAV / Altinn signals to answer “does this company need an auditor by year-end?”. Apier ships that logic as the Universal Rulebook — versioned regulatory rules with legal citations (Aksjeloven, MVA-forskriften, A-opplysningsloven, etc.) — so the agent gets the verdict directly. Same shape for deadline math (Europe/Oslo + DST-aware) and the Compliance Explainer (Norwegian-bokmål error envelopes). The wrappers are inputs; Apier is the layer above.

Get started

Free tier ships with one API key and enough quota for prototyping. The MCP server is a single npx away; the REST surface is curlable from anywhere.