Create Application Client

POST/v3/partner/merchant/{merchantId}/application

This endpoint is for merchants with a Partner account. To activate a Partner account, contact us.

What is this?

Create a new application client for a merchant under your Partner account. An application client contains the clientId and clientSecret used for OAuth authentication with the RM API.

When to Use

Use this endpoint when:

A new application needs to be registered for a merchant
Setting up OAuth credentials for a merchant's integration

How to Use

Step 1: Get the Merchant ID

Locate the merchantId for the merchant you want to create an application for. You can get this from the Get Merchants endpoint.

Step 2: Prepare Application Details

Gather the required information:

Application name
Homepage URL, logo URL, and privacy policy URL
Redirect URIs for OAuth
RSA public key in PEM format

Step 3: Make the POST Request

Send the application details with the merchantId as a path parameter.

Step 4: Store the Credentials

In the response, note the clientId and clientSecret. These are needed for OAuth authentication and cannot be retrieved again later.

Request Parameters

Pass the merchantId as a path parameter in the URL.

userIdStringrequired

The user ID associated with this application.

Example: "1647501978916382207"

nameStringrequired

Name of the application.

Example: "required name"

homePageUrlStringrequired

URL of the application's homepage.

Example: "https://google.com"

logoUrlStringrequired

URL of the application's logo.

Example: "https://google.com"

privacyPolicyUrlStringrequired

URL of the privacy policy page.

Example: "https://google.com"

redirectUriArray[String]required

Allowed redirect URIs for OAuth. Must exactly match URIs registered in the Merchant Portal.

Example: ["https://google.com"]

publicKeyStringrequired

Your application's RSA public key for JWT authentication. Wrap in PEM format.

Example: "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----"

isActiveBoolean

Whether the application is active. Defaults to true if not provided.

Example: true

Response Parameters

itemObject

Contains the created application client details including clientId and clientSecret.

Example: (See below)

codeString

"SUCCESS" if the call succeeded. Otherwise returns an error code object. See Appendix 1: Error Codes.

Example: "SUCCESS"

Application object (item):

clientIdString

Unique client identifier for this application. Use this in your OAuth requests.

Example: "1647502414730379278"

clientSecretString

Client secret. Keep this confidential and never expose it in client-side code.

Example: "dtbDsFgbLDzGhMleKjTFZXGxrDKFnMqe"

client.publicKeyString

Your application's public key.

Example: (PEM format)

server.publicKeyString

RM's server public key.

Example: (PEM format)

server.privateKeyString

RM's server private key (for your reference only).

Example: (PEM format)

nameString

Application name.

Example: "required name"

homePageUrlString

Homepage URL.

Example: "https://google.com"

logoUrlString

Logo URL.

Example: "https://storage.googleapis.com/rm-sandbox-asset/img/default-application-logo.png"

privacyPolicyUrlString

Example: "https://google.com"

merchantIdString

Merchant ID this application belongs to.

Example: "1647501978894816174"

userIdString

User ID who created this application.

Example: "1647501978916382207"

oAuthClientProductsArray

OAuth client products.

Example: []

isActiveBool

Whether the application is active.

Example: false

redirectUriArray[String]

Allowed redirect URIs.

Example: ["https://google.com"]

createdAtDateTime

Creation date time of the application.

Example: "2022-03-17T07:33:34Z"

updatedAtDateTime

Last update date time of the application.

Example: "2022-03-17T07:36:10Z"

What is this?
When to Use
How to Use

POSThttps://sb-open.revenuemonster.my/v3/partner/merchant/merchantId/application

No access token

Headers

{}

Body

{
  "userId": "1647501978916382207",
  "name": "required name",
  "homePageUrl": "https://google.com",
  "logoUrl": "https://google.com",
  "privacyPolicyUrl": "https://google.com",
  "redirectUri": ["https://google.com"],
  "publicKey": "-----BEGIN PUBLIC KEY-----
...
-----END PUBLIC KEY-----",
  "isActive": true
}

Example Request

▾

1curl \
2  --location \
3  --request POST "https://sb-open.revenuemonster.my/v3/partner/merchant/{merchantId}/application" \
4  --header "Content-Type: application/json" \
5  --header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMTgtMy0xOCIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiYXBpX2NsaWVudEBFaGNLQzA5QmRYUm9RMnhwWlc1MEVQZUEyYXJ4dk1PSUZnIl0sImV4cCI6MTU5MzU4MDY0NSwiaWF0IjoxNTkwOTg4NjQ1LCJpc3MiOiJodHRwczovL29hdXRoLnJldmVudWVtb25zdGVyLm15IiwianRpIjoiRWh3S0VFOUJkWFJvUVdOalpYTnpWRzlyWlc0UXMtNnI5LVgzbElvVyIsIm5iZiI6MTU5MDk4ODY0NSwic3ViIjoiRWhRS0NFMWxjbU5vWVc1MEVMUF9wNlNKNnFQN0ZSSVFDZ1JWYzJWeUVPaXZfb1dKNnFQN0ZRIn0.RKtXykw3y0ov3mKKa_K2h5FZB2jXtqf3gNRwwnzzA4xTMdY09mEHlFupMeUmchFW2XHYK254LdMYbF4ZhjxK9K51UUdQBYH-zZpo0WWtPSZqrPGtT-c4z_sEO73EDVcek3rDwyWiXvjSKDpsZM7NOdKRm5tvT3qNK-7C7WMUjSXDcBzbTFhwfOAOO1n-wMR9H_w0DuIE-yMjEZkOdt7GUIBC8F5izATlZH0FRTx4VAwQWY4gjjQ9-3PbUbHx-NKiFXwCOAsxu-79PiF0HDEHb6ZOCGywNmKuanEXqLonli0caZiUZfrdT53y3Xnd3W2SEr6s7ZQxWnQO5PeOU7BQYA" \
6  --header "X-Signature: sha256 bFGc2JOEFqdI91DE5VXYBUllr+9DHcrrylRFU3i1r72aPmJreljn0dU+nwPSwTH/dTQUiZ9C2aQSF8AuT959EW4WEyEZ6VWgt9gCyZaU/bcOQ/ZIhKc06+uwzivVhAzpbUtG5tm5/sBp4ig6Sk7L6SE0Ecu6Tm0FhYl0qdgZvrTh4EEpLs3kHIuYL9QXKJILfKlu4gTX1Exrt7nNyEr8ndeUMaKYrj3FckMbRtmCwc829SsVp6FAgvoDPnguUJ+VjLF1e9NXhar2JwYjuqMkwsmUWRDbittqCgCCfaPF8anarlLsoXbdYEa7bp9BYp2U/Dw3Xd2MlamEZSR8H+Dosw==" \
7  --header "X-Nonce-Str: VYNknZohxwicZMaWbNdBKUrnrxDtaRhN" \
8  --header "X-Timestamp: 1528450585" \
9  --data '{ "userId": "1647501978916382207", "name": "required name", "homePageUrl": "https://google.com", "logoUrl": "https://google.com", "privacyPolicyUrl": "https://google.com", "redirectUri": ["https://google.com"], "isActive": true, "publicKey": "-----BEGIN PUBLIC KEY----- MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQBsJf/68nKn3WFcmbA4uK45 YTQJ2M9XRf82COhN6OQpTLs4PEQSFCix9/05DdOfqe4PR64JS+nlA3q54YXLq++b uG8aerNM39Ie0VssTq+Wu3antoq9qvSQL0ADSfLPtWxRKirY8ysrFWN8yU2p7ofp /byYvo5DZ9i6aclctottecc/1NWaXWFSLzbsceSGjP3O+17+gMXCnwroT87XdGXJ Y/D11Cly8sD3Ll9OKIT1aDlKkkR9FWcFct0wDYEedutBAMOFjYAW3jvcUbdi7CKy eX42N7t7dIb1tw+WTFSpx5+tHKqRwLUq5S9eTx4e8+UxJ9LUTyr14O+TkTSL8Fpx AgMBAAE= -----END PUBLIC KEY-----" }'

Example Response▾

1{
2  "item": {
3    "clientId": "1647502414730379278",
4    "clientSecret": "dtbDsFgbLDzGhMleKjTFZXGxrDKFnMqe",
5    "client": {
6      "publicKey": "-----BEGIN PUBLIC KEY-----
7MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQBsJf/68nKn3WFcmbA4uK45
8YTQJ2M9XRf82COhN6OQpTLs4PEQSFCix9/05DdOfqe4PR64JS+nlA3q54YXLq++b
9uG8aerNM39Ie0VssTq+Wu3antoq9qvSQL0ADSfLPtWxRKirY8ysrFWN8yU2p7ofp
10/byYvo5DZ9i6aclctottecc/1NWaXWFSLzbsceSGjP3O+17+gMXCnwroT87XdGXJ
11Y/D11Cly8sD3Ll9OKIT1aDlKkkR9FWcFct0wDYEedutBAMOFjYAW3jvcUbdi7CKy
12eX42N7t7dIb1tw+WTFSpx5+tHKqRwLUq5S9eTx4e8+UxJ9LUTyr14O+TkTSL8Fpx
13AgMBAAE=
14-----END PUBLIC KEY-----"
15    },
16    "server": {
17      "publicKey": "-----BEGIN RSA PUBLIC KEY-----
18MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PfCJJSxGIvXNI//SROs
193RK183bs25NjzJH6iXB3Y3hPmHWzGRckU0IAmCMIpu37p76DgzMJF8jfyZmvVNBv
20ftQaQUGsCyUlGb+zkBGhdYC7uNmOfCpx49+ic3GrOnXrX/2x32qSRoLq3Ux1iZWf
21TA03Pb1O7v8ikBI1NN8z8+GR2IY6eWlr53+sSw/nFVKFwgnij3AV7rxmjuQOPdnn
2248tQJfm7uOGWy2HSlg8Mu2GJWhZar3GfEGVEfBLXN2AUTLCQGmVX/MqwWCsE+vjz
23985meEuMAXKe8OiFUlRn2Y/8nX0rT/YCqorTRWURNrYKr34f50G287kIm3s7vVmW
24wwIDAQAB
25-----END RSA PUBLIC KEY-----",
26      "privateKey": "-----BEGIN RSA PRIVATE KEY-----
27MIIEpQIBAAKCAQEA3PfCJJSxGIvXNI//SROs3RK183bs25NjzJH6iXB3Y3hPmHWz
28GRckU0IAmCMIpu37p76DgzMJF8jfyZmvVNBvftQaQUGsCyUlGb+zkBGhdYC7uNmO
29fCpx49+ic3GrOnXrX/2x32qSRoLq3Ux1iZWfTA03Pb1O7v8ikBI1NN8z8+GR2IY6
30eWlr53+sSw/nFVKFwgnij3AV7rxmjuQOPdnn48tQJfm7uOGWy2HSlg8Mu2GJWhZa
31r3GfEGVEfBLXN2AUTLCQGmVX/MqwWCsE+vjz985meEuMAXKe8OiFUlRn2Y/8nX0r
32T/YCqorTRWURNrYKr34f50G287kIm3s7vVmWwwIDAQABAoIBAQC3C/8l8o8qOF3U
33Sx09WjEvCdr0jqXz14sq4hrbU/Fy0y2MrKPquwL6fYikfxEhx69a7DVhsBtuOpc4
34GDnoVqqmM+pz+IUezmyHggir5g8MmdHodUDVlwu1q4KVg6pGyXxsjmqVG2GFS9pn
357HjJusq1Y5VJbdM/pNbq5kpxPB17fuznDBXXE7pPQ5V1MbmarNO7EyU5yrhqDqhB
36rTHoZSb9qQ1d7oQSl7JCrolAvmdjgVoHedYECT4vDVYi7yVgsQtKVxt29TDTi1jA
37mDXXC+pBtVxgtuRJzkFp6NHTc9CfcJ+mg98bPKag/VQDvAnS+8Lai/NpIMp1NXFp
38uARJ6c+hAoGBAPVMGMSduFzXcSC2TpmGfnE36svYKg6SPEa80yQsDPWCcKG09r26
39+QkrgOJkIcjFjMsg6y7OvxVQ7NXqYOBv9LqOqhmp4RBAMryxQeh4sWi69EBEEmIL
40DWXvrxu0u18910vdizGvru+Mq2jD1qEFUem1m2acOig/EK+1Ho1M9hkJAoGBAOab
416Im7npFfkZVRx/np+bUUwo+38YI2kIq6GHEtdzRdL4L6wk5YxCMB1T6Mv1PGtgnY
42Y9plWuMJpW4kuarhYWRFHr0RFUCExYn9PGScc4EZ8OVgRzYMrYrAH0MZS1eRFkbi
43H/PDqcwarQW5Ic56Q+BJ38p/0B2Syr0UACL3fCBrAoGBAKbOJpGdhz9rKfzKvExe
44TyGCmuIfjwn1m5Om2BXi9rUFDL6KJrgCq1L3CF/rI6Y54HJJYmSkJwDB1SvqhBJb
45T5qFZVqqUOgSH+58w4roeAv2Bh6lq7KMPYIyKWu3zSsJDJ0EfKE/DMDNccp+UjeR
46PJCm9JQkbM/tgtVZXvtLeJaxAoGBALLj6OzHbYeKIm455a5ZscqmExPX9nIzj8b9
47+634PguR6iRqD8clFumtJ1YBav47HMXgZf1qOKn8tqcNuDX15k4ZTHIQSXMmS/Ly
48TiIiN3vDutrE6Bjmls0Wommzun1wYF6WVYEMnLBnVScmaTI6KGNaC0+T/MakM7+f
49P0fgwhqHAoGAC9g5GYadr7C4CFPku4yOxpnOae5wR8FcxjNkfIJxV9DULjaTzISs
50zAKio5XbYR/Q4HnIYKS9vjIF7IOJGawt4MQGxAJBIdeye0w9DGyTU5In0ZlCGa6n
51gmxGBxjCTaGGSuUnA9VcCV6g4xpW1JIXCoJUl0EY/a+Re8hENR/HmH0=
52-----END RSA PRIVATE KEY-----"
53    },
54    "name": "required name",
55    "homePageUrl": "https://google.com",
56    "logoUrl": "https://google.com",
57    "privacyPolicyUrl": "https://google.com",
58    "merchantId": "1647501978894816174",
59    "userId": "1647501978916382207",
60    "oAuthClientProducts": [],
61    "isActive": false,
62    "redirectUri": ["https://google.com"],
63    "createdAt": "2022-03-17T07:33:34Z",
64    "updatedAt": "2022-03-17T07:36:10Z"
65  },
66  "code": "SUCCESS"
67}

Prerequisite

Products

Miscellaneous

Create Application Client

What is this?

When to Use

How to Use

Step 1: Get the Merchant ID

Step 2: Prepare Application Details

Step 3: Make the POST Request

Step 4: Store the Credentials

Request Parameters

Response Parameters