Skip to main content

Set Up Your Application

Before you can call the API, create an application in the Merchant Portal to obtain your credentials (clientId / clientSecret) and generate the RSA keys used to sign requests.

note

You only need to do this once. These credentials are used for both the Access Token flow and the Signature Algorithm.

Step 1Create a New Application

Go to Merchant Portal → Developer → Applications and create a new application:

Step 2Obtain Credentials

Click on the application you created. You can edit and update relevant information here. To disable the application, toggle the ON/OFF switch at the top right:

Click Show to reveal your clientSecret:

Step 3Generate RSA Keys

Go to Merchant Portal → Developer → Application → Generate RSA Key. Recommended key size: 2048-bit.

  • Private Key — store securely, never expose publicly. Used to sign your API requests.
  • Public Key — upload to the Merchant Portal so RM can verify your signatures.

Step 4Wrap Your Public Key (For Signature Debugger)

Your public key needs to be wrapped in standard PEM format before using it with the Signature Debugger:

Step 5Use the Signature Debugger (Optional)

For security purposes, RM has enhanced its authentication flow by adding layers of encryption to endpoints. You may develop your own encryption tool, or use the Signature Debugger to sign and verify content using your private/public keys: