Returns an OAuth access token.
Open in API Reference
The Square-issued ID of your application, available from the
The Square-issued application secret for your application, available
from the developer dashboard.
Specifies the method to request an OAuth access token.
Valid values are: authorization_code, refresh_token, and migration_token
The authorization code to exchange.
This is required if grant_type is set to authorization_code, to indicate that
the application wants to exchange an authorization code for an OAuth access token.
Legacy OAuth access token obtained using a Connect API version prior
to 2019-03-13. This parameter is required if grant_type is set to
migration_token to indicate that the application wants to get a replacement
OAuth access token. The response also returns a refresh token.
For more information, see Migrate to Using Refresh Tokens.
The redirect URL assigned in the developer dashboard.
A valid refresh token for generating a new OAuth access token.
A valid refresh token is required if grant_type is set to refresh_token , to indicate the application wants a replacement for an expired OAuth access token.
A JSON list of strings representing the permissions the application is requesting.
For example: "["MERCHANT_PROFILE_READ","PAYMENTS_READ","BANK_ACCOUNTS_READ"]"
The access token returned in the response is granted the permissions
that comprise the intersection between the requested list of permissions, and those
that belong to the provided refresh token.
A boolean indicating a request for a short-lived access token.
The short-lived access token returned in the response will expire in 24 hours.
curl https://connect.squareupsandbox.com/oauth2/token \
-X POST \
-H 'Square-Version: 2021-07-21' \
-H 'Content-Type: application/json'
// No response received yet.
Thanks for visiting the Square API documentation. What's on your mind?