Development Guides
Development of MiniApps is not rocket science! Here are some guides to help you.
MiniApp Manifest and Meta Data

Your manifest file is used for communicating meta-data about your MiniApp to the Host Ap p.

This manifest is retrieved by the Host App before the MiniApp is downloaded, so the Host App may use the information from the manifest to accomplish several possible uses, including:

  • Display an "Approval" screen before downloading the MiniApp. An "Approval" screen may list the permissions which your MiniApp wishes to use as well as some other information requested by your Host App such as terms and conditions, privacy policy, description, etc.
  • Tag & Categorize your MiniApps
  • Add custom data fields required for other purposes such as analytics

Mini App Manifest Processing Flow Chart

 

 

manifest.json

You should create a file named manifest.json in the root directory your MiniApp assets and include it in the ZIP file which you upload to the RAS Portal. For example:

            
        
                                    

MyMiniApp.zip

├── manifest.json

├── index.html

├── css

│   └── myStyles.css

The following is an example manifest.json. Each field is explained in more detail below. In this example, we assume an approval screen use case called "Terms & Conditions." However, each Host App must define required parameters.Note: This file will be removed at upload time. You should not rely on it in your codebase. This file will still count towards the total file size of your uploaded version.

Example manifest.json

            
        
                                    

{

  // The mini app should use "reqPermissions" for setting which permissions it requires.

  // These permissions will be requested by the host app before launching and downloading the mini app.

  // The user MUST accept these permissions before the mini app can be launched.

  "reqPermissions": [

    {

      "name""rakuten.miniapp.user.USER_NAME",

      "reason""Describe your reason here (optional)."

    },

    {

      "name""rakuten.miniapp.user.PROFILE_PHOTO",

      "reason""Describe your reason here (optional)."

    }

  ],

  // The mini app should use "optPermissions" for setting which permissions it will optionally use.

  // These permissions will be requested by the host app before launching and downloading the mini app.

  // The user can choose to either accept or deny these permissions before the mini app is launched.

  "optPermissions": [

    {

      "name""rakuten.miniapp.user.CONTACT_LIST",

      "reason""Describe your reason here (optional)."

    },

    {

      "name""rakuten.miniapp.device.LOCATION",

      "reason""Describe your reason here (optional)."

    },

    {

      "name""rakuten.miniapp.user.action.SEND_MESSAGE",

      "reason""Describe your reason here (optional)."

    },

    {

      "name""rakuten.miniapp.user.ACCESS_TOKEN",

      "reason""Describe your reason here (optional)."

    }

  ],

  // For access tokens, can define which "audience" and "scopes" you would like permission to use

  "accessTokenPermissions": [

    {

      "audience""rae",

      "scopes": ["idinfo_read_openid""memberinfo_read_point"]

    },

    {

      "audience""api-c",

      "scopes": ["your_service_scope_here"]

    }

  ],

  // The Host App can require additional keys that the mini app developer must set

  "customMetaData": {

    "provider""Your Company Name",

    "description""Description of your Mini App.",

    "fileSizeInMb""2.3",

    "importantNotice""Lorem ipsum dolor set.",

    "termsLink""https://www.example.com",

    "privacyPolicyLink""https://www.example.com"

  }

}

Required and Optional Permissions

The reqPermissions and optPermissions blocks are used for setting the permissions which you wish to use in your mini app. The permissions which you list will be requested to the user before the mini app is downloaded or launched. If you do not set the permission here (under either reqPermissions or optPermissions), then your mini app will not be able to use that permission even if it is requested at runtime.

  • reqPermissions - "Required Permissions" are permissions that your mini app requires in order to run. The user CANNOT launch your mini app without granting these permissions.
  • optPermissions - "Optional Permissions" are permissions which your mini app would like to use but are not required. The user can choose to accept or deny these permissions to your mini app. If you want to request a permission at runtime it MUST be listed under optPermissions.

Each of these keys are set as an array of objects representing the permissions you need. Each permission consists of two properties:

  • name - String representing the permission you want.
    • MUST match one of the custom permission names supported by the SDK (see CustomPermissionName) and should start with  "rakuten.miniapp.". If the permission name is not recognized by the SDK, then the permission will be ignored.
  • reason (optional) - String which describes why your Mini App needs this permission.

Access Token Permissions

If you wish to use Access Tokens in your MiniApp, then you must set the accessTokenPermissions block. This defines which services and scopes you would like permission to use when requesting an Access Token.

The Host App may deny your usage of the Access Token if you request scopes which your MiniApp isn't authorized to use.

Each entry consists of the following properties:

  • audience - String representing which service the Access Token is for. Can be "rae" or "api-c".
  • scopes - Array of strings representing the scopes you want for the access token.

Custom Meta Data

This key/values under customMetaData are used for displaying a T&C/Permissions Approval screen before your MiniApp is downloaded. The following key/values should be defined:

  • provider - name of your company
  • description - description of your MiniApp
  • fileSizeInMb - size of the ZIP file for your MiniApp in MB
  • importantNotice - this field should be used for any important information you wish to convey to users before your MiniApp is downloaded
  • termsLink - URL link to your Terms & Conditions
  • privacyPolicyLink - URL link to your privacy policy

Manifest Storage & Security

This feature is not intended to pass secrets or confidential information. 

Example File

This file is for demonstration purposes only.

example-manifest.json

            
        
                                    

{
  "customMetaData": {
    "provider": "Your Company Name",
    "description": "Description of your MiniApp.",
    "fileSizeInMb": "2.3",
    "importantNotice": "Lorem ipsum dolor set.",
    "termsLink": "https://www.example.com",
    "privacyPolicyLink": "https://www.example.com"
  },
  "reqPermissions": [
    {
      "name": "rakuten.miniapp.user.USER_NAME",
      "reason": "Describe your reason here (optional)."
    },
    {
      "name": "rakuten.miniapp.user.PROFILE_PHOTO",
      "reason": "Describe your reason here (optional)."
    }
  ],
  "optPermissions": [
    {
      "name": "rakuten.miniapp.user.CONTACT_LIST",
      "reason": "Describe your reason here (optional)."
    },
    {
      "name": "rakuten.miniapp.device.LOCATION",
      "reason": "Describe your reason here (optional)."
    },
    {
      "name": "rakuten.miniapp.user.action.SEND_MESSAGE",
      "reason": "Describe your reason here (optional)."
    },
    {
      "name": "rakuten.miniapp.user.ACCESS_TOKEN",
      "reason": "Describe your reason here (optional)."
    }
  ],
  "accessTokenPermissions": [
    {
      "audience": "rae",
      "scopes": ["idinfo_read_openid", "memberinfo_read_point"]
    }
  ]
}

move to top