Financial Management Authority
Elfur-API
Elfur API is a web service layer that allows systems to connect directly to Fjársýslan’s core systems. With Elfur API, an institution or partner can:
send and retrieve data automatically between systems
simplify data submissions and reduce manual work
ensure consistent and secure data sharing
Elfur API supports increased automation and efficiency in communication with Fjársýslan and other government institutions.
See the terms for Elfur API. (In development)
What is Elfur-API?
Elfur-API is a web service that provides standardised access to a range of systems and data sets managed by the Financial Management Authority (Fjársýslan). Access is delivered through a REST interface over HTTPS. The aim is to support secure and efficient data processing, enable integration between systems, and promote consistency across government digital services. With Elfur-API, institutions and their partners can access and work with data in a simple, secure and consistent way.
Who is Elfur-API for?
Elfur-API is intended for:
public institutions connected to the Financial Management Authority’s systems
service providers working with Fjársýslan’s data
developers and technical teams building digital solutions for public bodies
Key benefits
Standardised interface: Access via a REST/JSON interface over HTTPS
Secure authentication: OAuth 2.0 using the client credentials flow
Versioning: Version-controlled endpoints (e.g. /v1/...) ensure stability and predictability
Documentation: OpenAPI 3 specification with interactive documentation
Automated operations: Deployment and testing automated via Azure Pipelines
Environments
Elfur-API runs in three separate environments. Each environment has its own base URL, its own Identity Server for authentication, and its own data store.
Environment | Purpose | API base URL |
Development (dev) | Experimentation, build, and pre-release testing | https://fjs-cdn-endpoint-elfur-dev-c6epg2fhcyc2a5bh.a03.azurefd.net |
Test (test / staging) | Verification before production deployment | https://fjs-cdn-endpoint-elfur-test-hhesbzhxabbwbqen.a03.azurefd.net |
Production (prod) | Real-world use by partners | https://fjs-cdn-endpoint-elfur-prod-azescphpe7b5ecf2.a03.azurefd.net |
Corresponding token endpoints for authentication:
Environment | Token endpoint |
Development | https://identity-server.dev01.devland.is/connect/token |
Test | https://identity-server.staging01.devland.is/connect/token |
Production | https://innskra.island.is/connect/token |
Data in the dev and test environments is not real, do not rely on it in production. The production environment handles real transactions and is a shared resource that needs to be handled with care.
Documentation and OpenAPI / Swagger
Each environment publishes its own interactive documentation at the following paths. Prepend the base URL of the relevant environment from the table above to each path:
Purpose | Path |
Catalog page (list of domains) | /docs |
Per-domain documentation (Scalar) | /docs/{domain} |
OpenAPI JSON definition | /swagger/{docName}/swagger.json |
Legacy paths | /swagger and /swagger/index.html (redirect to /docs) |
Example (test environment):
https://fjs-cdn-endpoint-elfur-test-hhesbzhxabbwbqen.a03.azurefd.net/docs
The catalog page lists every domain, shows the status of each (see section 5), and provides both access to the interactive documentation and download of the OpenAPI definition.
Domain statuses
The API is divided into domains by the type of data or by workflow. Each domain has a status indicating how stable its interfaces are. The statuses appear as badges on the /docs catalog page:
Status | Meaning |
Available | Stable and fully supported for production use. Changes that break integrations only appear in new major versions. |
Beta | Usable, but may still change before general availability. |
Deprecated | Supported for now, but planned for phase-out. Avoid starting new integrations against these endpoints. |
The current list of domains and their statuses is always shown at /docs in each environment — treat that page as the single source of truth for what is Available, Beta, or Deprecated at any given time. Authentication Elfur-API uses the OAuth 2.0 client-credentials flow for authentication. A partner requests:
A Client ID and Client Secret from Fjársýslan.
Scopes — a set of permissions describing which domains and operations the client may call. Names follow the pattern @fjs.is/elfur_<domain>_<read|write>, e.g. @fjs.is/elfur_vacancy_read. The list of available scopes is published in the documentation for each domain.
The flow in short:
Send a POST to the environment's token endpoint with grant_type=client_credentials, client_id, client_secret, and a space-separated list of scopes.
Use the returned access_token in the Authorization: Bearer <token> header when calling Elfur-API.
For some endpoints (for example, those handling employee data) access control also takes the client_id into account — the client may need a specific grant for a given organisation in addition to its scope-based rights. Per-domain documentation describes those extra requirements. Versioning
Every URL embeds a version in the path (/v1/...).
The current version is v1.
Changes that break integrations go to a new major version; additions that do not break integrations are released within the same version.
When new versions are released the /docs catalog page is updated automatically.
Support and contact
Documentation and testing: Use the /docs page in the relevant environment.
Access, scopes, and integration: Contact Fjársýslan's access management team.
Issues and incidents: Report through the standard service channels with Fjársýslan.
This document is intended as an overview. Detailed endpoint descriptions, data schemas, and change history are always published in the interactive documentation at /docs in each environment.