Square
Square builds common business tools in unconventional ways so more people can start, run, and grow their businesses effectively. It’s a financial services platform developed by Block, Inc. This platform is majorly aimed at small and medium businesses that allow you to accept credit card payments and use tablet computers as payment registers for a point-of-sale system. The best part about Square is its integration capabilities.
- 1 Authorization
- 1.1 Basic Auth
- 1.2 API Key Authentication
- 1.3 OAuth 2.0
- 2 Square Connections
- 3 Actions
- 3.1 Get Payments
- 3.2 Get Payment Details
- 3.3 Get Customers
- 3.4 Create Customer
Authorization
Basic Auth
The Basic Auth is a method for providing a username and password for making requests through HTTP. While using Basic Authentication you need to include an encoded string for the Authorization header for each of the requests. The Square API enables you to accept payments securely to integrate the application with the solutions. You can authenticate the basic Auth with the help the credentials. The credentials are included with a Client ID and Client Secret.
Key | Description | Example |
---|---|---|
Client ID | A Client ID is an identifier associated with an application that assists with client authentication. It is a public identifier of the application. It is confidential data and used to authenticate for requesting APIs. | Qyv13bsbv682lkbQigcu |
Client Secret | A client secret is a secret used to authenticate the application securely. This secret can be a combination of alphanumeric phrase for accessing the application. | ************************** |
Example:
- type: ContentWhitelistPreValidator
patterns:
- sq0idp-
- type: ContentWhitelistPreValidator
patterns:
- sq0csp-
- text: "SQUAREUP_API_KEY = 'sq0idp-Y7WFLOjXXp00XXXp00_0_A'
SQUAREUP_API_SECRET = 'sq0csp-WnMisBjD0DtEoYeM0ZK7Bi1_cXb0X0oRCN0djXcXXX0'"
client_id: sq0idp-Y7WFLOjXXp00XXXp00_0_A
client_secret: sq0csp-WnMisBjD0DtEoYeM0ZK7Bi1_cXb0X0oRCN0djXcXXX0
For more information please visit Square Documentation
API Key Authentication
The API key authentication is a process of passing the API key through a Basic Auth. It can be done by using a username or password. These credentials are required for identifying, authenticating or authorizing an application. In this scenario, the access token is a credential. You will need a suitable access token to request on Square API. This request can be done in two manners.
Access resources in your own Square account. This request can be sent in the Square API calls to access resources in your own Square account.
Access resources in other Square seller accounts. You might create an application for accessing the Square application. It can be done by a third-party application that can be accessed by the other Square user. They can sign in with this API token. In this scenario the application will make a Square API call on the behalf of the Square seller.
You must use a valid access token for making an API request.
You can access the token with the help of the two types of access tokens:
Personal access token
OAuth access token
To conduct the personal access token by providing unlimited Square API access to the resources in the Square account.
The OAuth Access token allows you to authenticate and scoped Square API access towards the resources in a Square account. The OAuth access tokens can be used when the application needs to be access for the resources in the Square account on the behalf of the account owner. In this API key authentication you can access token and the credentials for the Square.
To access the personal access token you will need credentials. You can find the personal access token by using the below steps:
You need to open the Developer Dashboard and choose an application.
In the left pane, you need to choose Credentials.
At the top of the page, you need to choose the Production mode for a production access token or Sandbox mode for a Sandbox access token. This token is known as the personal access token.
Key | Type | Description | Obtained from |
---|---|---|---|
Identification | The application id is an unique ID assigned by Square to the applications. It can be Identifies your application for the selected Square API and SDK calls against the production environment. It also known as a client ID. | You can obtain the application id from the dashboard Credentials page | |
Authorization | The OAuth access token is also known as a Scoped access token. This token access grants seller-scoped and limited access to a Square account by requesting an authenticated user for explicit permissions. | This token programmatically using the OAuth API. | |
Authorization | The OAuth refresh token is known as a special-purpose token. It can be used to obtain new access tokens when the current one expires. | This token programmatically using the OAuth API. | |
Authentication | The application secret is also known as a OAuth authentication credential. It helps to verifies the identity of your application in OAuth API requests to get or refresh an OAuth access token effectively. | You can get the application secret from the developer dashboard OAuth page | |
Authorization | A personal access token is known as a full-access token. It allow you to grants full production access to the corresponding Square account. | You can get this token from the developer dashboard credentials page | |
Authorization | The repository password is an unique ID assigned by Square. It allows your development environment access to the remote repositories that serve reader SDK binaries. | The repository password can be found from the developer dashboard reader SDK page | |
Identification | The sandbox application id is an unique ID assigned by Square. It Identifies your application in select Square API and SDK calls against the Sandbox environment. This id is also known as a Sandbox client ID. | It can be found from the developer dashboard Credentials page | |
Authorization | The Sandbox access token is also known as a Full-access token. It will grants full access to the corresponding Square Sandbox account. | The Sandbox access token can be found from the developer dashboard credentials page | |
Authorization | The sandbox OAuth access token is also known as a Scoped access token for a Sandbox account. It has the scoped resource permissions for the sandbox application that is used for OAuth requests. | You can found the Sandbox OAuth access token from the developer dashboard OAuth page | |
Authorization | The Sandbox OAuth refresh token is known as a Special-purpose token. It can be used to obtain new access tokens when the current one expires. | The Sandbox OAuth refresh token can be found from the developer dashboard OAuth page |
For more information please visit: Square API Key Access Token
OAuth 2.0
The OAuth 2.0 is a industry-standard protocol for the authorization. OAuth 2.0 is concern about the client developer for providing specific authorization flow for the web application, and applications. The OAuth 2.0 API is a process of authorize your application for providing a specific permissions for their Square account and get the access token. This token is required for authorized API call on their account resources. You can also create the access token from the set of granted permissions within 24 hours, the authorization limit is default for 30 days. This Square API provides a way to use OAuth to securely manage permissions and access to Square merchant accounts. Square enables developers to build customized solutions that accept payments online, in-person, or in-app to manage products and customers. Square also builds services that support products and tools to manage finances.
To access these token you will need the client id and password.
Key | Description | Example |
---|---|---|
Client ID | A Client ID is an identifier associated with an application that assists with client authentication. It is a public identifier of the application. It is a confidential data and used to authenticate for requesting APIs. | Qyv13bsbv682lkbQigcu |
Client Secret | A client secret is a secret used to authenticate the application in a secure manner. This secret can be a combination of alpha numeric phrase for accessing the application. | ************************** |
The OAuth 2.0 use the following OAuth terms:
Authorization Code: The Authorization code is a returned code that conduct when it call for authorize the endpoint. This code is required for redeem an access token and refresh token.
Access Token: The Access token is useful for grants access to a client resources and has some privilege attached to it. This token expires in a certain amount of time.
Refresh Token: It is a token generated for access more tokens. If you use the code flow, the refresh token will be valid until their access is revoked. It’s a single used token and expires after 90 days.
Square does not support OpenID or other single sign-on (SSO) protocols on top of the OAuth implementation.
For more information please visit: Square OAuth 2.0 Document
Square Connections
Basic Auth Connection
Input | Key | Description | Example |
Select application | application | Select Square application | Square |
Connection type | connection type | Select the type of connection. | REST |
Rest connection type | Rest Connection Type | Select the Basic connection type | Basic |
Connection name | name | Provide a name for the connection. | Square |
Connection description | description | Provide a description for the connection. |
|
Host name | host | Provide a string value for the URL of the user's Square account. |
|
Username | username | Provide a valid username for the given Square account. | exampleUser |
Password | password | Provide a password to authenticate all requests with. Cloud users need to generate an API token for this value. | exampleSecurePassword |
Header field | header | Provide the path of the endpoint for authentication. | Authorization |
Header prefix header | header prefix | Select the header prefix - |
|
API Key Connection
Input | Key | Description | Example |
Select application | application | Select Square application | Square |
Connection Mode | mode | Select custom connection mode | Custom |
Connection type | connection type | Select the type of connection. | REST |
REST connection type | rest connection type | Select the type of REST connection. | API Key |
Connection name | name | Provide a name for the connection. | Square connection |
Connection description | description | Provide a description for the connection. |
|
Host name | host | Provide a string value for the URL of the user's Square account. |
|
Key | key | Provide the key for the connection. |
|
Value | value | Add the value for the connection |
|
Header Parameter | header | Header parameters are used for user-defined custom HTTP headers for a request. |
|
Query Parameter | query | Query parameters are a defined set of parameters attached to the end of a URL. |
|
OAuth 2.0 Connection
Input | Key | Description | Example |
Select application | application | Select Square application | Square |
Connection type | connection type | Select the type of connection. | REST |
REST connection type | rest connection type | Select the type of REST connection. | OAuth2.0 |
Connection name | name | Provide a name for the connection. | Square connection |
Connection description | description | Provide a description for the connection. |
|
Host name | host | Provide a string value for the URL of the user's Square account. |
|
Grant type | grant type | Provide the grant type - authorization code, password, client credentials. |
|
Actions
Get Payments
Get payments | key: getPayments
Get Payment Details
Get payment details | key: getPaymentDetails
Key | Description | Example |
---|---|---|
Payment ID | The Square payment id is an object returned by the endpoint of list payments. It’s also known as a settlement objects returned by the list settlements endpoint. It’s an unique id used for the desired payment. |
|
Get Customers
Get customers | key: getCustomers
Create Customer
Create customer | key: createCustomer
Key | Description | Example |
---|---|---|
Company Name | Provide the company name of the customer. | Sapper |
Email Address | Add the email address of the customer. | |
Phone Number | Mention the phone number of the customer. | +1-541-754-3010 |