WARNING Treat the API key and password like you would any other password, since whoever has access to these credentials has full API access.

To interact with the SMART Returns API, your application must provide the necessary authentication credentials on each HTTP request. The way to provide these credentials is more or less the same with which ever tech stack you choose to use.

Applications can interact with the SMART Returns API via basic HTTP authentication over SSL. The required credentials must be generated/requested from the Retain.Me tech team and regenerated upon request.

Applications authenticate through basic HTTP authorization, where the API key of the application is the username, and the Password is the password.

Some HTTP clients support basic authentication by prepending username:password to the hostname in the URL. For example:

POST 45634643FGDFGFDG:hfcdethuzzjhg54 @

If your HTTP client doesn't support basic authentication using this method, then you can provide the credentials in the Authorization header field instead:

Join the API key and password with a single colon (:). Encode the resulting string in base64 representation. Prepend the base64-encoded string with Basic and a space:

Authorization: Basic NDQ3OGViN2FjMTM4YTEzNjg1MmJhYmQ4NjE5NTZ...=