I’m trying to do a Terminal API call and I’m having some trouble making the calls. I have generated my OAuth Token (Connect a Square Terminal to a POS Application) for the following permissions.
CUSTOMERS_READ,CUSTOMERS_WRITE,ITEMS_READ,ORDERS_WRITE,PAYMENTS_READ,PAYMENTS_WRITE,MERCHANT_PROFILE_READ,ORDERS_READ,DEVICE_CREDENTIAL_MANAGEMENT
I’m doing the order placing via the Java SDK and that seems to work fine with the generated token but the Terminal REST API call fails. The log is as follows.
2024-02-27 20:18:31 - SQUARE-TERMINAL API >>>>>>>>>>
URI : https://connect.squareupsandbox.com/v2/terminals/checkouts
Method : POST
Headers : {Accept=[application/json], Content-Type=[application/json], Authorization=[Bearer {Token}], Square-Version=[2024-01-18], Content-Length=[302]}
Request body: {"idempotency_key":"SQT-a7qt11d84ba4","checkout":{"amount_money":{"amount":255,"currency":"USD"},"tip_money":{"amount":0,"currency":"USD"},"order_id":"a7qt11d84ba4","device_options":{"device_id":"22cd266c-6246-4c06-9983-67f0c26346b0","tip_settings":{"allow_tipping":false},"skip_receipt_screen":true}}}
2024-02-27 20:18:32 - SQUARE-TERMINAL API API <<<<<<<<<< Status = [401] path = [https://connect.squareupsandbox.com/v2/terminals/checkouts]
Status code : 401
Status text : Unauthorized
Headers : {Date=[Tue, 27 Feb 2024 14:48:32 GMT], Content-Type=[application/json], Content-Length=[161], Connection=[keep-alive], CF-Ray=[85c13aad4f1a513a-CMB], CF-Cache-Status=[DYNAMIC], Strict-Transport-Security=[max-age=631152000; includeSubDomains; preload], Vary=[Origin, Accept-Encoding], x-content-type-options=[nosniff], x-download-options=[noopen], x-envoy-decorator-operation=[/v2/terminals/**], x-frame-options=[SAMEORIGIN], x-permitted-cross-domain-policies=[none], x-sq-dc=[sjc2b], x-sq-envoy-safe-auth-decision=[UNAUTHORIZED], x-sq-region=[sjc2b], x-xss-protection=[1; mode=block], Set-Cookie=[__cf_bm=cG7s88PecpRyx1aIOv4SsRt.oq7Mt49u6QdjO8mmwCc-1709045312-1.0-AU5J9kW31GuCrFlDI7s+WoBxeoGnbjoFYkI7kM+WfHIjUrHa+04YotM1SW141VNevKdSLWOBBXQ6tMYhDcq3YqM=; path=/; expires=Tue, 27-Feb-24 15:18:32 GMT; domain=.squareupsandbox.com; HttpOnly; Secure; SameSite=None], Server=[cloudflare]}
Response body: {
"errors": [
{
"category": "AUTHENTICATION_ERROR",
"code": "UNAUTHORIZED",
"detail": "This request could not be authorized."
}
]
}
Sandbox Application ID: sandbox-sq0idb-61-sUjlWKyXIx1Gz5pKldQ
Merchant ID: JPP8GBK4V406R
What am I doing wrong here?