I am going through the API, but I have a question.
currently building a marketplace app :
I understand that OathAPI allows you to ‘drive’ users for them to create sellers account on SquareUp via, I guess an Webview Url redirect.
But in the developper reference, the Customer api allows to create custom customers and store their personal details as well as their credit cards. Would it be then possible for us just to use this API, create our own sellers, and process payments VIA Square ? Would that represent too much of a fraud threat for squareup ?
Another question, as I am reading through the Flutter pluggin, I have noticed that there is no mention of 3Dsecure2 call backs, are you guys planning to include it ?
Last but not least. When Squareup holds customers from an app, how long does it take for them to cash out ?
Thank you for all your help
Hi @y4nnnn welcome to the forums!
OAuth is used to onboard Square merchants, not customers. The Customers API is used to manage customers within a Square merchant account, to be clear. There’s no way for you to create Square accounts for a particular merchant, so they must sign up by themselves currently.
As for Flutter, we do have the ability to implement SCA: in-app-payments-flutter-plugin/reference.md at master · square/in-app-payments-flutter-plugin · GitHub. The callbacks are
I’m not sure what your last question means regarding cashing out, can you clarify? Square merchants are subject to the standard transfer schedule in regards to depositing money into their bank account.
thank you for the clarification. So in an App (not a website), for a seller to create an account, he must be redirected to a Webpage (I guess a Squareup account creation page), and customer API allows us to access the data. So the return url in this case is useless ?
In the case where our sellers become platform independant, and square dependent, what happens if we ban a user ? and how does refunding works ? It would have been nice to have full control on sellers, to manage id verifications, prevent frauds and scams, solve disputes etc … I will take a serious look at the doc. Anyway, thank you again for answering, It s my first time dealing with banking within applications, and I thought payment gateways where just a comunication pipe between banks.
The return url for OAuth is still needed, because that’s what give your application the code necessary to generate an OAuth access token. You can revoke a user’s token at any time which wouldn’t allow them to use the application any longer.
As for refunds, the seller’s still have the ability to refund via their Square dashboard, or Square POS application, but you can also do refunds via the API as well so you could build that into your application.
Definitely let me know if I can help clear up anything else, though.
Tks a lot. I just fulfilled our informations. I will start coding the customer API (the payment seems easy on the client side) to test things out. Thank you again for your help