RSA Platform Overview
The RSA Platform is a multi-tenant SaaS system for retail chains — providing loyalty programs, offer management, and point-of-sale (POS) integration as managed services. Each retail chain (tenant) is fully isolated with its own provisioned database.
Five Services
| Service | Port | Purpose | Auth |
|---|---|---|---|
| Identity API | 5000 | OAuth 2.0 / OIDC tokens, MFA, invitations | Public |
| Platform API | 5004 | Tenant & retailer management, provisioning | platform.read |
| Admin API | 5002 | Offers, campaigns, stores, users, clients | admin.read |
| Shopper API | 5001 | Member self-service, offers, loyalty | shopper.read |
| POS API | 5003 | Basket creation, offer resolution, loyalty earn | pos.read |
Choose Your Path
POS Vendor — You are integrating a point-of-sale terminal. Start with API Keys, then read the POS Integration Guide and the POS API Reference.
Tenant Developer — You are building a shopper-facing app. Start with PKCE authentication, then the Shopper API Reference.
Platform Engineer — You are onboarding a new retail chain. Read Tenant Onboarding and the Platform API Reference.
Key Concepts
- Multi-tenancy — Each retailer has a dedicated SQL Server database. The
tenant_slugin your JWT routes all requests to the correct database automatically. - Offers — Five types (Standard, MustBuy, Employee, Ecom, Recurring) resolved at POS or surfaced via Shopper API.
- Loyalty — Immutable point transaction ledger. Earn at POS, redeem via Shopper API.
- Feature Entitlements — Two-level gate: platform features per tenant, retailer-level feature flags in Redis.
Authentication in 30 Seconds
All APIs accept RS256 JWT Bearer tokens issued by the Identity API at http://localhost:5000. POS terminals can also authenticate via X-Api-Key header.
# Get a token (client credentials)
curl -X POST http://localhost:5000/connect/token \
-d "grant_type=client_credentials" \
-d "client_id=YOUR_CLIENT_ID" \
-d "client_secret=YOUR_SECRET" \
-d "scope=admin.read"
See Authentication for complete details.