OAuth and Testing

When a developer creates an application for use by a seller in a different region of the world, the application needs to use the Square OAuth flow as implemented with the OAuth API. In addition to meeting OAuth requirements, your application should be tested for its ability to process payments through Square in each region that your application is used.

Link to section

OAuth API usage

The Square OAuth flow must be used unless you're developing an application to manage your own Square account. The OAuth flow provides an access token that lets your application make Square API calls on a seller's Square account. The access token carries the seller's scoped permission for your application to access their Square account. The token does two important things:

  • It allows API calls to be treated as though they're being made within the seller's country and by the seller.
  • It identifies your developer Square account and the country where you have registered your application. You can only collect application fees on payments that Square processes from Square-supported countries.
Link to section

Sandbox testing

If your application is going to be used by sellers in other Square-supported countries, you can test your payment logic in the Square Sandbox by creating Sandbox seller accounts for each country that you support. Test your payment logic in each seller account before you release your application to production. For information about testing payments in other countries, see Create a Sandbox test account.

Note that a Square Sandbox seller account can only be created for the following countries:

  • Australia
  • Canada
  • France
  • Ireland
  • Japan
  • Spain
  • United Kingdom
  • United States

All other countries are fully supported for most other Square APIs, as well as for external and cash payments.

Link to section

See also