# MD for: https://www.mercadopago.com.ar/developers/es/docs/smartapps/create-application.md

\# Create application \*\*Applications\*\* are registered entities within Mercado Pago that act as a unique identifier for managing the authentication and authorization of your integrations. In other words, they serve as the link between your development and Mercado Pago, and they constitute the first stage in carrying out the integration. With them, you can access the necessary :toolTipComponent\[credentials\]{link="/developers/en/guides/additional-content/your-integrations/credentials" linkText="Credentials" content="Unique access keys used to identify an integration in your account, linked to your application. For more information, access the link below."} to interact with our APIs or specific services, as well as manage and organize your integration, which is why you must create an application for each Mercado Pago solution you integrate. To create an \*\*application\*\*, follow the steps below. 1\. In the upper right corner of Mercado Pago Developers, click on \*\*Login\*\* and enter the required information with the data for your Mercado Pago account. 2\. Once you are logged in, in the upper right corner of Mercado Pago Developers, click on \*\*Create application\*\* if your account does not yet have any created applications, or go to "Your integrations" and select \*\*View all\*\*. There, click on \*\*Create application\*\*. 3\. Once inside \*\*Your integrations\*\*, click on the \*\*Create application\*\* button. > NOTE > > To protect your account and ensure compliance with operations, during the creation of an application, you will need to do an identity verification if you haven’t done so already, or a re-authentication if you have previously completed the verification process. !\[create-application-1\](https://www.mercadopago.com.ar/images/snippets/create-application-1-es-v1.png) 4\. Enter a \*\*name\*\* to identify your application. The limit is up to 50 alphanumeric characters. 4\. When asked about the \*\*type of payment solution to integrate\*\*, select \*\*Instore payments\*\*, which is the type of solution corresponding to physical stores. 5\. Then, choose \*\*PointdeMercadoPago\*\* as the product you are integrating. 6\. Accept the \[Privacy Statement\](https://www.mercadopago.com.ar/privacidad) and the \[Terms and Conditions\](https://www.mercadopago.com.ar/developers/en/docs/resources/legal/terms-and-conditions) and click on \*\*Create application\*\*. !\[create-application-2\](https://www.mercadopago.com.ar/images/point-orders/create-app-point-es-v1.png) In \[Your integrations\](https://www.mercadopago.com.ar/developers/panel/app), you can view the list of all your created applications and access the \[Integration data\](https://www.mercadopago.com.ar/developers/en/docs/smartapps/resources/application-details) of each one. > NOTE > > If necessary, you can edit or delete an application. In the latter case, keep in mind that your store will stop using our resources or receiving payments through the Mercado Pago integration associated with that application. For more information, access \[Integration data\](https://www.mercadopago.com.ar/developers/en/docs/smartapps/resources/application-details). ## Access credentials After creating your application, you will need to access the :toolTipComponent\[credentials\]{link="/developers/en/docs/smartapps/resources/credentials" linkText="Credentials" content="Unique access keys with which we identify an integration in your account, linked to your application. For more information, access the documentation."} necessary to continue with the integration process. Depending on whether you are doing your own integration or for a seller, these credentials will be different and obtained in different ways. - \*\*Get credentials for own terminal integration:\*\* to integrate your company's own business management applications (SmartApps) to Mercado Pago's Point Smart, you will need to access your application's production credentials, which can be activated in \[Your integrations\](https://www.mercadopago.com.ar/developers/panel/app). - \*\*Get credentials for a third-part integration:\*\* to integrate third-party business management applications (SmartApps) to Mercado Pago's Point Smart, you will need to obtain credentials through the :toolTipComponent\[OAuth\]{link="/developers/en/docs/smartapps/resources/security/landing-hub" linkText="OAuth" content="Private key generated through the OAuth security protocol, which allows managing integrations on behalf of third parties. For more information, access the documentation."} security protocol. Select the option that best suits your needs and follow the indicated steps to access the credentials. ::::TabsComponent :::TabComponent{title="Get credentials for own terminal integration"} The process of obtaining credentials for your own SmartApps integration to the Point terminal is based on activating your :toolTipComponent\[production credentials\]{content="Set of unique access keys linked to your application that allow receiving real payments. You can access them through \*Your integrations > Integration data > Production > Production credentials\*. Use your production Public Key on the frontend, and your production Access Token on the backend."}. Follow the steps below to learn how to activate them. 1\. Access \[Your integrations\](https://www.mercadopago.com.ar/developers/panel/app) and select an application. 2\. Go to the \*\*Production credentials\*\* section in the left sidebar menu. In the \*\*Industry\*\* field, select the industry or sector to which the business you are integrating belongs from the dropdown menu. 3\. In the \*\*Website (required)\*\* field, fill in the URL of your business website. 4\. Accept the \[Privacy Statement\](https://www.mercadopago.com.ar/privacidad) and the \[Terms and Conditions\](https://www.mercadopago.com.ar/developers/en/docs/resources/legal/terms-and-conditions). Fill in the reCAPTCHA and click \*\*Activate production credentials\*\*. When accessing production credentials, the following credential pairs will be displayed: !\[Cómo acceder a las credenciales a través de Tus Integraciones\](https://www.mercadopago.com.ar/images/snippets/credentials-prod-panel-es-v2.jpg) To integrate SmartApps with the Point terminal, you will need your :toolTipComponent\[Access Token\]{content="Private key of the application created in Mercado Pago, used in the backend. You can access it through \*Your integrations > Integration data > Production > Production credentials\*."}—which is used for creating stores and cashiers, and later for the association to the Point terminal (performed by the Mercado Pago team). Additionally, use your :toolTipComponent\[Client ID\]{content="Unique identifier that represents your integration. You can access it through \*Your integrations > Integration data > Production > Production credentials\*."} to identify transactions. ::: :::TabComponent{title="Get credentials for a third-part integration"} If the SmartApps integration will be used on Point terminals linked to accounts different from that of the integrator responsible for the application, the users of those accounts must be granted permission to access the application, so that they can view information or perform operations. For this, access must be granted through the \[OAuth\](https://www.mercadopago.com.ar/developers/en/docs/smartapps/resources/security/landing-hub) protocol, using the \[Authorization code\](https://www.mercadopago.com.ar/developers/en/docs/security/oauth/creation#bookmark\_authorization\_code) flow, which generates an Access Token for use of the APIs on behalf of third parties. This process requires authorization from the account owner through an approval URL. 1\. Access \[Your integrations\](https://www.mercadopago.com.ar/developers/panel/app) and select the previously created application with which you are integrating your SmartApp. 2\. In \[Integration data\](https://www.mercadopago.com.ar/developers/en/docs/smartapps/resources/application-details), select the option to \*\*Edit\*\* your data. 3\. Go to the \*\*Advanced settings\*\* section and declare a \*\*Redirect URL\*\* where you will receive the authorization code to obtain the Access Token via OAuth. Make sure it is a static URL and uses the \`https\` protocol. > SUCCESS\_MESSAGE > > Optionally, in your advanced settings, you can add the PKCE protocol for an extra layer of security when obtaining the code. Access \[the documentation\](https://www.mercadopago.com.ar/developers/en/docs/security/oauth/creation#bookmark\_configurar\_pkce) for more details. 4\. Complete the reCAPTCHA and click \*\*Save changes\*\*. 5\. Now, send the seller the authentication URL following the scheme below. \`\`\`url https://auth.mercadopago.com/authorization?client\_id=APP\_ID&response\_type=code&platform\_id=mp&state=RANDOM\_ID&redirect\_uri=https://www.redirect-url.com \`\`\` | Field | Description | |---------------|-------------| | \`client\_id\` | Replace "APP\_ID" with your application number. You can find it in Your integrations > \[Integration data\](https://www.mercadopago.com.ar/developers/en/docs/smartapps/resources/application-details). | | \`state\` | Replace "RANDOM\_ID" with a unique identifier per attempt that does not contain sensitive information. This will help validate that the response belongs to your request. | | \`redirect\_uri\`| Enter the same URL that you declared in the "Redirect URLs" field of your application. | 6\. When the application owner accesses this URL and authorizes access, they will be redirected to Mercado Pago to log in and confirm authorization. 7\. Verify that the code was returned correctly in the \`code\` parameter of the redirect URL. This code will be valid for 10 minutes and, after this period, it will expire and it will be necessary for the seller to access the URL again and make a new authorization for a new code to arrive. \`\`\`url https://www.redirect-url.com?code=CODE&state=RANDOM\_ID \`\`\` 8\. Finally, send your \*\*Client ID and Client Secret\*\*, the authorization code returned in the \`code\` property and, if you have \[configured PKCE\](https://www.mercadopago.com.ar/developers/en/docs/security/oauth/creation#bookmark\_configurar\_pkce), the \`code\_verifier\` value to the :TagComponent{tag="API" text="/oauth/token" href="/developers/en/reference/authentication/oauth/\_oauth\_token/post"} endpoint. \`\`\`curl curl -X POST \\ 'https://api.mercadopago.com/oauth/token'\\ -H 'Content-Type: application/json' \\ -d '{ "client\_secret": "client\_secret", "client\_id": "client\_id", "grant\_type": "authorization\_code", "code": "TG-XXXXXXXX-241983636", "code\_verifier": "47DEQpj8HBSa-\_TImW-5JCeuQeRkm5NMpJWZG3hSuFU", "redirect\_uri": "https://www.redirect-url.com?code=CODE&state=RANDOM\_ID", "test\_token": "false" }' \`\`\` In the response to this request, the Access Token will be returned, which represents the link between the accounts, and with which you can make calls to our APIs on behalf of the application owner. \`\`\`json { "access\_token": "APP\_USR-4934588586838432-XXXXXXXX-241983636", "token\_type": "bearer", "expires\_in": 15552000, "scope": "read write offline\_access", "user\_id": 241983636, "refresh\_token": "TG-XXXXXXXX-241983636", "public\_key": "APP\_USR-d0a26210-XXXXXXXX-479f0400869e", "live\_mode": true } \`\`\` > WARNING > > This Access Token is valid for 180 days. You must renew it using the \[Renew Access Token\](https://www.mercadopago.com.ar/developers/en/docs/security/oauth/renewal) flow. If you do not renew it before expiration, it will not be possible to operate or perform transactions with our APIs. ::: :::: This response will also provide the \`user\_id\` value, which will be useful during the configuration of the terminals by the Mercado Pago team.