API Authentication

API Authentication

Foodmato uses secure token-based authentication.

Authentication method

  • Bearer token in the header

  • Tokens are linked to a partner app, not a user account

Header example

Authorization: Bearer <ACCESS_TOKEN>
Content-Type: application/json

Token validity

  • Tokens expire every 90 days

  • Renew via your developer dashboard

Common authentication errors

Error
Meaning
Fix
401 Unauthorized
Token missing/invalid
Check header & token expiry
403 Forbidden
No permission for endpoint
Request correct scopes
429 Too Many Requests
Rate limit exceeded
Lower API call frequency


    • Related Articles

    • API Access Request

      Foodmato provides API access for approved partners such as POS systems, aggregators, and enterprise restaurants. Who can request API access POS companies Delivery management platforms Multi-branch restaurants Integrators onboarding multiple merchants ...

    • Update Requirements

      Keeping the Merchant App updated ensures: Faster loading Better compatibility Security improvements New features (prep time, menu tools, etc.) How to update Go to the Play Store Search Foodmato Merchant Tap Update If automatic updates are enabled, ...

    • POS Integration Steps (Deliverect, Otter, etc.)

      Foodmato supports planned integrations with Deliverect, Otter, and other POS aggregators (2025 roadmap). Integration flow Merchant chooses POS provider POS provider requests Foodmato API access Restaurant links Foodmato account to the POS Menus and ...