Build with the Mobile Authorization API

Link to section

Requirements and limitations

To build with the Mobile Authorization API, the following must be true:

  • You're using HTTPS - HTTPS is required for all production Square API calls. HTTP calls are only supported for developing and testing on localhost.
  • You're using production credentials - The Mobile Authorization API isn't supported in the Square Sandbox.

Additionally, you need the following information:

  • An active location ID - Copy a valid developer account location ID from the Production mode Locations setting page of your Square application in the Developer Dashboard.
  • A valid access token - For more information, see Access Tokens and Other Square Credentials.
Link to section

Request a mobile authorization code

Add code to use the location ID and OAuth token to request a mobile authorization code. The authorization service should return the mobile authorization code to the calling application but for the sake of this example, Square simply prints it to the screen.

Create mobile authorization code


Mobile authorization codes are short lived and should be used immediately to authorize mobile solutions like the Reader SDK. Mobile authorization doesn't expire after a set amount of time. Authorization remains valid unless it's explicitly revoked (for example, by calling deauthorize in the Reader SDK) or the authorized application fails to take a payment within 90 days.

Link to section

See also