Authentication Process
This section contains all the information that you need to get your API credentials, and guides you through the authentication process to use the Rappi Public API.
Authentication Requirements
Rappi uses OAuth 2.0 as the authentication method for secure API requests to the Rappi Public API.
During the integration process, Rappi grants you your own set of API credentials. With these credentials, you must generate a token to authenticate when making API requests.
The API credentials that Rappi gives you consist of the following objects:
Item | Description |
---|---|
Client ID | This is the identifier of the client where you authenticate. |
Client Secret | This is the secret that you require to authenticate for your integration. |
Audience | This is the identifiers of the Rappi API. |
Grant Type | This is permission to request. |
Important
Depending on the API you use, the audience will change and you will have to generate a token to use it
Generating an Access Token
Generate an access token through an API call using the POST token
endpoint.
Important
Your access token has a validity of 1 week. After this time, you must generate a new token to continue making requests to our secured endpoint.
To generate your token:
Make a POST
request to one of the following URLs, and add a JSON
to the body of the request with the following object.
URL: https://{NEW_DOMAIN}/restaurants/auth/oauth/token
{NEW_DOMAIN}
: This is your new Rappi Country Domain. See the list of new Country Domains.
The following code sample the structure of the JSON
object in the body of the request:
{ "client_id": "7iCfjZCO4bTns3OjqLK4de2GV3sp6Ymd", "client_secret": "40iFFYJV9A1LrVmJsaIeARW40iFFYJV9A1LrVmJsaIeARW40iFFYJV9A1LrVmJsaIeARW", "audience": "{OLD_DOMAIN}/api/v2/restaurants-integrations-public-api", "grant_type": "client_credentials" }
{OLD_DOMAIN}
: This is your old Rappi Country Domain. See the list of old Country Domains.
Note
The values from this JSON
are not real data. Ensure to replace them with your own data when making API requests.
The following table describes the values of the request body attributes:
Attributes | Requirement | Description |
---|---|---|
client_id string | required | Client Id of your Rappi Credentials. |
client_secret string | required | Client Secret of your Rappi Credentials. |
audience string | required | Identifier of the Rappi API. |
grant_type string | required | Permission to request. |
The system responds with your access_token
.
Now that you have your token, you can start integrating with the Rappi Public API.
Audiences
API Audience | Value |
---|---|
Public Api V2 | {OLD_DOMAIN}/api/v2/restaurants-integrations-public-api |
Utils | https://rest-ops-utils/api |
{OLD_DOMAIN}
: This is your old Rappi Country Domain. See the list of old Country Domains.
Using Your Access Token
To authenticate using your access token when making API requests:
Include your access token in a custom header of your request with the following values:
Key | Value |
---|---|
x-authorization | Bearer [{access_token} ] |
{access_token
}: This is your generated access token.
Ensure to include these values in the header of all your API requests for a successful authentication.