Hi Square Team,
I am developing a web application that integrates with Square POS to sync product and location data. My application for the App Marketplace was recently declined due to capacity, so I am planning to move forward with a private/unlisted integration.
I have two questions regarding the OAuth flow:
-
Scope Access: Is it possible to utilize all required production scopes (e.g., EMPLOYEES_READ) for external merchants without being an approved Marketplace partner?
-
Connection Limits: Is there a hard limit on the number of unique Square merchant accounts that can authorize my application via OAuth while it remains unlisted/outside the Marketplace?
I want to ensure I remain compliant with Square’s terms while supporting my existing users. Thank you for your help!
Hello,
It’s completely understandable that being declined for the Marketplace feels like a setback, but I have some good news: you can absolutely continue supporting your users through a private integration. Regarding your questions, you can utilize all production scopes (including EMPLOYEES_READ and its modern successor, TEAM_READ) for external merchants without being an approved Marketplace partner; Square’s OAuth flow is designed to support both public and private apps identically in terms of functionality. Furthermore, there is no hard limit on the number of unique Square merchant accounts that can authorize your unlisted application. As long as you follow the standard OAuth handshake and stay within the platform’s General Terms, you’re free to scale your user base as needed while maintaining that direct, private connection with your merchants.
Best regards,
Ashley B.
Empower-Retirement