Authentication

The Square API enables developers to create applications that make API calls on behalf of Square sellers.

Link to section

Web clients

The OAuth API lets you ask a seller to authorize your application for specific permissions on their Square account and get a scoped access token. The token is used to make authorized API calls on their account resources.

Using the OAuth API, you can also create access tokens that have a reduced scope from the set of permissions granted and access tokens that have a 24 hour time limit instead of the default 30 day limit. These limited tokens work well in a loosely controlled access environments such as web browsers or mobile clients. For more information, see Refresh, Revoke, and Limit the Scope of OAuth Tokens.

Link to section

Mobile clients

For developers building mobile applications that take in-person payments using the Reader SDK, the Mobile Authorization API lets your mobile application get an authorization code to manage the checkout flow and payment processing on behalf of a seller.

Link to section

See also