RETM | REST API
  1. Authentication
RETM | REST API
  • Developer guide
  • New to our DevPortal 🤔
  • Authentication
    • Token
      POST
  • Webhook
    • Overview
    • Invoice Webhooks
      • Webhook Events
      • Invoice Created
    • Orders Webhooks
      • Webhook Events
      • Order Triggeres
    • Menu Webhooks
      • Menu Updates
      • Menu Changed
    • Loyalty Webhooks
      • Promotional Coupon
      • Check Reward
      • Redeem Reward
    • Customer webhook
      • Customer Data
      • Customer hook
    • Error webhook
      • Stay Alert to Connectivity Issues
      • Error webhook
  • Orders
    • Orders
      GET
    • Create Order
      POST
    • Cancel Order
      POST
    • Update delivery order status
      POST
  • Menu
    • Categories
      • List Categories
      • Single Categoy
    • Products
      • Products
      • Single Product
      • Simple List
    • Menu
      GET
  • Branches
    • Branches
      GET
  • Devices
    • Devices
      GET
  • Order type
    • Order types
      GET
    • Create order type
      POST
  • Price Lists
    • Price Lists
      GET
  • Payment Methods
    • Payment methods
    • Create pay method
  • Order Charges
    • order charges
    • Create order charges
  • Taxes
    • Tax list
    • Create tax
  • Customers
    • Customers
  1. Authentication

Token

POST
https://{serviceID}.retm.sa/api/oAuth/token

To obtain an authentication token, meticulously follow these steps:#

1.
Gather Essential Information:
Authorization Code: Retrieve the code from the successful authorization request.
Client Identifier (client_id): Obtain this string from the RETM Dev Portal.
Client Secret (client_secret): Securely retrieve this string from the RETM Dev Portal.
2.
Construct the POST Request:
Method: POST
URL:
Staging: https://stg.retm.sa/api/oAuth/token
Production: https://{business_id}.retm.sa/api/oAuth/token
💡
Replace {business_id} with the actual business ID.
Request Body:
{
  "code": "YOUR_AUTHORIZATION_CODE",
  "grant_type": "authorization_code",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}
3.
Carefully Handle the Response:
Upon successful authentication, the response will contain the authentication token, token type, expiration time, and potentially a refresh token.
Inspect the response for any potential errors and handle them accordingly.

Key Considerations:#

Secure Credential Storage: Never store your client ID or client secret in plain text. Utilize secure storage mechanisms to safeguard them.
Environment-Specific URLs: Employ the appropriate URL based on the API environment you're interacting with (staging or production).
Business ID in Production: For production requests, remember to incorporate the business ID within the URL.
By adhering to these guidelines, you'll effectively acquire authentication tokens and securely interact with RETM APIs.

Request

Body Params application/json
grant_type
string 
required
code
string 
required
client_id
string 
required
client_secret
string 
required
redirect_url
string 
required
Example
{
    "grant_type": "authorization_code",
    "code": "tviqe2gQQ",
    "client_id": "wEHMT9PPvuX",
    "client_secret": "e5868ebb4445fc2ad9f949956c1cb9ddefa0d421",
    "redirect_url": ""
}

Responses

🟢200Token
application/json
Body
access_token
string 
required
token_type
string 
required
expires_in
integer 
required
Example
{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NhbmRib3gucmV0bS5zYS9hcGkvb0F1dGgvdG9rZW4iLCJpYXQiOjE2ODcyODI4MjQsImV4cCI6MTY4ODQ5MjQyNCwibmJmIjoxNjg3MjgyODI0LCJqdGkiOiJOWXlLdXRHQ1VLNUVISDFLIiwic3ViIjoiMyIsInBydiI6IjZkNmE2NWUyYjkzMjQ5MDc1YzZjNGVkMzY2ZGI2NzRmNGVlY2FkNjMifQ.C9KmICgDAOP_Rf_GXo3esGWpehn8Ufy3ZDhc3FfWtMo",
    "token_type": "bearer",
    "expires_in": 1209600
}
Modified at 2025-05-11 13:48:36
Previous
Authentication
Next
Overview
Built with