
Create Portal Session

POST /portal-sessions
Creates a billing portal session for a customer. The portal allows customers to view their subscriptions, update payment methods, cancel subscriptions, and change plans — all without requiring you to build a subscription management UI.

Authentication

Headers

| Header | Value | Required |
| --- | --- | --- |
| Authorization | Bearer YOUR_API_TOKEN | Yes |
| Content-Type | application/json | Yes |
| Accept | application/json | Recommended |

Request Body

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| customer.id | integer | Conditional | Existing customer ID. If provided, other customer fields are ignored. |
| customer.country_code | string | Conditional | Customer’s country dial code (e.g. "966" for Saudi Arabia, "971" for UAE). Required if customer.id is not provided. |
| customer.phone | string | Conditional | Customer’s phone number, 5-15 digits (e.g. "512345678"). Required if customer.id is not provided. |
| return_url | string | No | URL to redirect to when the customer exits the portal |
| expires_in | integer | No | Session lifetime in seconds (300-86400, default: 3600) |

You must provide either customer.id (to reference an existing customer) or customer.country_code + customer.phone (to look up the customer by phone).

Example Request (By Phone)

curl -X POST "https://merchant-api.rmz.gg/shawarma/portal-sessions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "customer": {
      "country_code": "966",
      "phone": "512345678"
    },
    "return_url": "https://yourapp.com/account"
  }'

Example Request (By Customer ID)

curl -X POST "https://merchant-api.rmz.gg/shawarma/portal-sessions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "customer": {
      "id": 4501
    },
    "return_url": "https://yourapp.com/account"
  }'

Success Response

{
  "message": "Portal session created successfully",
  "data": {
    "url": "https://billing.rmz.gg/s/aB3xK9mP...",
    "expires_at": "2025-06-01T01:00:00.000000Z"
  },
  "api": "rmz.shawarma",
  "timestamp": 1699999999
}

Response Fields

| Field | Type | Description |
| --- | --- | --- |
| url | string | URL to redirect the customer to (https://billing.rmz.gg/s/{token}) |
| expires_at | string | ISO 8601 timestamp when the session expires (default: 1 hour, configurable via expires_in) |

Portal Capabilities

The customer billing portal allows customers to:

| Capability | Description |
| --- | --- |
| View subscriptions | See all active, past due, and canceled subscriptions |
| Cancel subscription | Cancel at end of period or immediately |
| Change plan | Upgrade or downgrade to a different subscription variant |
| Update payment method | Add or change the saved card for auto-renewal |
| View invoices | See payment history and invoice details |

Authentication Flow

The portal uses OTP (one-time password) verification to authenticate the customer:
  1. Your server creates a portal session via this endpoint
  2. Redirect the customer to the url
  3. The customer verifies their identity via OTP sent to their phone
  4. After verification, the customer can manage their subscriptions
  5. When done, the customer is redirected to your return_url

Portal session URLs are single-use and expire based on the expires_in parameter (default: 1 hour). Generate a new session each time the customer needs to access the portal.

The portal is fully hosted by RMZ and styled to match your store theme. You do not need to build any subscription management UI on your end.
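The following is an added example, not RMZ's own code, covering steps 1 and 2 of the flow on the server side: it builds the request body within the documented limits and checks the returned url before redirecting the customer. The function names, the return_url allowlist policy, the digits-only dial code check, and the sample token are assumptions made for this example.

```python
import re
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Assumption: origins your own app serves; return_url is pinned to these.
ALLOWED_RETURN_ORIGINS = {("https", "yourapp.com")}
PORTAL_HOST = "billing.rmz.gg"  # from the documented url format
# Constructed sample response (placeholder token), shaped like the success response.
SAMPLE_RESPONSE = {"data": {"url": "https://billing.rmz.gg/s/EXAMPLE_TOKEN",
                            "expires_at": "2025-06-01T01:00:00.000000Z"}}


def build_portal_request(return_url=None, expires_in=None, customer_id=None,
                         country_code=None, phone=None):
    """Build the JSON body for POST /portal-sessions within the documented limits."""
    if customer_id is not None:
        if isinstance(customer_id, bool) or not isinstance(customer_id, int):
            raise ValueError("customer.id must be an integer")
        customer = {"id": customer_id}  # other customer fields would be ignored
    else:
        if not (country_code and re.fullmatch(r"[0-9]+", country_code)):
            raise ValueError("customer.country_code must be a dial code")
        if not (phone and re.fullmatch(r"[0-9]{5,15}", phone)):
            raise ValueError("customer.phone must be 5-15 digits")
        customer = {"country_code": country_code, "phone": phone}
    body = {"customer": customer}
    if expires_in is not None:
        if not 300 <= expires_in <= 86400:
            raise ValueError("expires_in must be 300-86400 seconds")
        body["expires_in"] = expires_in
    if return_url is not None:
        u = urlsplit(return_url)
        if (u.scheme, u.hostname) not in ALLOWED_RETURN_ORIGINS:
            raise ValueError("return_url is not on the allowlist")
        body["return_url"] = return_url
    return body


def portal_redirect_target(response, now=None):
    """Return the url to redirect the customer to, or raise if it looks wrong."""
    data = response["data"]
    u = urlsplit(data["url"])
    if u.scheme != "https" or u.hostname != PORTAL_HOST or not u.path.startswith("/s/"):
        raise ValueError("unexpected portal URL")
    expires = datetime.fromisoformat(data["expires_at"].replace("Z", "+00:00"))
    if expires <= (now or datetime.now(timezone.utc)):
        raise ValueError("portal session already expired")
    return data["url"]
```

Send the returned body from your server only, so the API token never reaches the browser, and redirect the customer immediately rather than storing the single-use url.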

Error Responses

| Code | Description |
| --- | --- |
| 401 | Unauthorized — invalid or missing token |
| 404 | Customer not found |
| 422 | Validation error — missing or invalid parameters |