Servers and Authentication

Development Server

[all countries] https://microservices.dev.rappi.com

Production Servers

ARG https://services.rappi.com.ar

BRA https://services.rappi.com.br

CHL https://services.rappi.cl

COL https://services.grability.rappi.com

CRI https://services.rappi.co.cr

ECU https://services.rappi.com.ec

MEX https://services.mxgrability.rappi.com

PER https://services.rappi.pe

URY https://services.rappi.com.uy

Authentication

Rappi CPG APIs implement JWT-based authentication. You must exchange the credentials provided by Rappi for a JWT access token to authenticate API requests. This token expires after 12 hours. Each time your token expires you must request a new one from the sign-in endpoint.

  • All API requests MUST be made over HTTPS. Calls made over plain HTTP WILL FAIL.
  • API requests without a valid access token WILL FAIL.
note

Your integration credentials carry many privileges, so be sure to keep them secure! Do not share them in publicly-accessible areas such as GitHub, client-side code, chat apps, etc. If a security breach is suspected, contact Rappi ASAP to retire compromised passwords (secrets) and generate new credentials.

Any suspected misuse of the API MAY result in the retailer's access to Rappi's service being suspended pending investigation.

Generate your JWT Access Tokens

POST /cpgops-integrations/retailers/sign-in

This endpoint returns an access token to authenticate your requests for the next 12 hours. To obtain your access token, you must pass a credentials object in the request body.

Request Example

# You can also use wget
curl -X POST https://microservices.dev.rappi.com/api/cpgops-integrations/retailers/sign-in \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{"retailer":"demo-retailer","secret":"IGJBNPYzIecPm1JKqkjnZjaf94ybGnOt"}'

Request Body

ParameterTypeInDescription
retailer requiredstring Your unique username provided by Rappi
secret requiredstringbodyYour secret passcode provided by Rappi

Responses

StatusDescription
200 OKSuccess–access Token returned by Rappi
401 UnauthorizedYour request was submitted without proper credentials

Status Code 200

NameDescription
accessToken string
The JWT access token that must be included in every request to Rappi APIs
expiresIn string
Time in seconds before your token expires
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyZXRhaWxlciI6IlJldGFpbGVyIE5hbWUiLCJvd25lciI6InJldGFpbGVyIiwiaWF0IjoxNTkxNzQxODMxLCJleHAiOjE1OTE3ODUwMzEsImlzcyI6IlJhcHBpIn0.BJpDsDeFzpGCUrvnHO1XJ4CDD99mVE7_NbZA-vIuXgk",
"expiresIn": 43200
}