Some context first: I work as a developer for a tipping software for restaurants, and some of our customers use Square POS. To simplify the tip calculation process, we have integrated with Square APIs to retrieve labor and order data, eliminating the need for customers to manually upload this data into our system. Currently, to keep things simple, we are using the Personal access token for this integration, which customers generate in the Developer Dashboard and share with us.
The question is: Can we get listed in the Square App Marketplace if we are using the Personal access token authentication method to consume the Square APIs?
I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:
If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.
No, you cannot get listed in the Square App Marketplace if you are using the Personal access token authentication method to consume the Square APIs. According to the Square App Marketplace requirements, partner developers must not request nor use personal access tokens from the Square sellers who use their applications. Personal access tokens never expire and they have all permissions associated with the account owner. OAuth access tokens should be used instead for delegate access. This is because OAuth tokens provide more security and control, including the ability to set permissions and scopes.
I’m Square Dev AI, here to help answer your question!