Having problem with accessing different Square applications through their application IDs/secrets

I’m not sure I fully understand the question. What application are you trying to access information from and what information are you after? With Square APIs and OAuth the way it works is you’ll build your own application that sellers will OAuth to so your application can take action on their Square account.

Hey Bryan, I’m referring to the Square application that is created in the Square dev dashboard. I use the application’s ID and secret to get the authorization URL and then access the API. However, I’m getting a weird behavior where the information I get back is independent of the application ID and secret that I use. No matter what, the data I get back is the accumulation of data across applications that belong to whoever logs in. What I want is to only receive data back from a specific application. And if a user doesn’t have access to that application, they shouldn’t be allowed to log in. It shouldn’t return data from a random application that belongs to that user instead. (Which is the behavior I’m currently getting) Maybe I’m not understanding how to use the Square applications correctly?

Data returned from a Square application isn’t unique to that application. It will return any data that is within the scope of permissions the application has. The behavior your experiencing is the correct behavior with applications created in Square accounts.

Is there a way to give users access to data that is held in a different user account through the API? There is data within a user account that a different user has admin access to. They can access that data within the Square UI but when they login with their account to access the API, they don’t receive any data back. Is there another place where we need to define user permissions in order to allow this?

I’m sorry I’m having a hard time understanding the question. What accounts are you referring too? The Square account? Who are your users? Are they the sellers customers or employees?

Also what data in the Square account are you wanting to restrict access?

I’m not wanting to restrict access. I have two users who are both admins at a company, say user1 and user2. The company’s sale data is under user1’s account and I want user2 to be able to access this data as well. How do I give user2 access to the sale data which is under user1’s account?

Okay, you mentioned only one company. How many Square accounts are there?

There is one company and 3 users that want to access the company’s data. The company’s data is under one of the user’s account.

Okay, then I believe your looking for permissions with Team Management rather then our API or OAuth. Teams is what you’ll use to gate access of information within a Square account.

1. Log in to your online Square Dashboard and click Staff > Team > Team Members > Team member.
2. Fill out the Team Member’s Profile. Enter the team member’s name, email address, and phone number. These fields are optional.
3. Click Next.
4. On the Jobs screen, provide a primary job title and pay type (hourly or salary). Note: If the job already exists, click Primary job title to access a drop-down menu of existing jobs.
5. Based on the selected pay type, enter an hourly rate or annual salary and weekly hours.
6. If the employee will have multiple jobs, click Add another job.
7. Click Next.
8. From the Access screen, select an existing Permission set or click Add permission set.
9. Click Enable Permissions and select or create a permission set from the dropdown menu.
10. To allow your team member to sign into the Square app and clock in/out using a passcode, enter a custom 4-digit passcode or click Generate to create one at random.
11. If your team member’s permission set allows them to access the Square Dashboard or the Square app on their own device, enter the email address they will use to log in. This will send the team member an email inviting them to create a password for their account.
12. You can choose to enable team member badges as a secure alternative to a four-digit passcode. Badges allow your team to access your point of sale based on assigned permissions and clock in and out for a shift. Note: Custom permissions are available to Team Plus paid subscribers.
13. Click Locations to select the \ location your team member will work from. Note: If you’re using multiple locations and want to give your team member permission for each, toggle on Assign to All Current and Future Locations.
14. Click Save & review..
15. Once you complete a new team member’s profile, confirm all information and click Done.

You can also create team members directly from the Square Point of Sale app. To do so:

1. From the navigation panel in your Square Point of Sale app, tap Team.
2. Tap + to pull up the Create team member screen.
3. Enter the team member’s name, email address, and phone number.
4. From here, tap Primary job title to assign the team member a job title or tap Create job to assign them a new job title.
5. Tap the back arrow to return to the Create team member screen and enter the team member’s hourly rate. Note: This field is not required to save your team member’s profile information.
6. Tap Permission set to assign your team member to an existing permission set. Note: Team members will automatically be assigned to team permissions upon creation. Creating and editing new permission sets is only available in Square Dashboard.
7. Tap Personal passcode if you’d like to create and assign a custom passcode to the team member, then tap Done. Note: An automatically generated passcode will be assigned to new team members, but you will have the option to assign a custom passcode from this section.
8. Tap Location to select the location(s) for the team member. If you’re using multiple locations and want to give your team member permission for each, toggle on Assign to all current and future locations. Note: The Location section will default to the current location associated with your Square Point of Sale account during team member creation.
9. After returning to the Create team member screen and confirming all information is accurate, tap Save.

If applicable, this team member will be invited via email to create their own login for accessing the online Square Dashboard and/or the Square Point of Sale app on their personal device.

I know this is old but my question is directly related to the permissions here. I have one admin/account owner and three employee accounts. Recently all three employee accounts permissions got demoted. I did not change them.

However I did create a new project under developer and gave the location id, application secret, and application id to the developer so the app could communicate and pull information off of our website.

Could this app get admin access and change permissions?

Applications in the Developer Dashboard can’t change permissions. That isn’t currently available with our APIs. Permissions can only be changed in the Dashboard.

Ok thank you for that information. It looks like our subscription changed on that day and square reset all permissions for lower users.