How to Make Authorize API Call To Authorize Squareup Sandbox?

I need authorization code for obtain token API call and To get this authorization code we need to call authorize API call like this:

URL = client_id={YOUR APP_ID}&scope=CUSTOMERS_WRITE+CUSTOMERS_READ&session=False&state=

Above mentioned URL parameters are
client id

I have no idea about Scope, Session and State parameters. what values should I pass or from where should I get these parameters values so that I can get authorization code and get a token for my sandbox account using API call in code.

Could you please help with this?


you can refer to the documentation for creating an OAuth link. it specifies what those parameters you are talking about mean and what should be provided there.

@sachin Let us know if you need any additional details but the documentation will cover all the details of the Authorize call. :slightly_smiling_face:

Thanks Bryan,

I just know that where to find the values of parameters which is mentioned below in Authorize Endpoint

URL = client_id={YOUR APP_ID}&scope=CUSTOMERS_WRITE+CUSTOMERS_READ&session=False&state=

Could you please help with this?


The app ID is in your Developer Dashboard. As for the state that’s a value that you will provide to include and verify its value to help protect against cross-site request forgery. :slightly_smiling_face:

1 Like

Thanks yurivaskovski

Hi Bryan,

Thanks for your response.

Now I just want to call Authorize API for SquareUp Sandbox from Salesforce like this:


I did run the above endpoint using Rest API in Salesforce but it gives Error like this:

<html><body>You are being<a href="*****&scope=CUSTOMERS_WRITE+CUSTOMERS_READ&session=False">redirected</a></body></html> Status >> Found

Scope parameter has different values which is pre-defined by SquareUp.

What scope values should I pass to authorize the SquareUp in salesforce?

Could you please help with this?


The above error is HTML. Whats the error message. Also when authorizing in sandbox you will need to have your sandbox Seller Dashboard open. If it’s not open we can’t validate the session. :slightly_smiling_face:

Thanks again for your response Bryan,

Let me explain more about it.

I followed this link:

Using this link I have implemented the REST API on my salesforce sandbox org.

As the mentioned in the above link of SQUAREUP we should get the response body like this:


Now my main problem is that my REST API does not show the response correctly . It shows the response body when I execute REST API which I have implemented:

Could you please suggest to me why is this happening, or why it does not show the correct response as mentioned in the SQUAREUP helping link.

As you mentioned “you will need to have your sandbox Seller Dashboard open. If it’s not open we can’t validate the session.” Can you please elaborate more on this so I can open it?

Let me know What should I do to resolve this issue so I get the REST API response correctly.

Please let me know if you have any questions regarding this so we can sort it out.

Thanks and Regards.

This API call won’t result in a normal JSON response. When you click on the link that you’ve generated are you prompted to accept the permissions scopes that you passed in? If so, once you click Authorize the customer will be redirected to your configured redirect URL that you set in the Square Developer Dashboard OAuth section. Once they’re redirected Square will include the code and state in the URL that you can pull to then call ObtainToken.

In sandbox when you go to authorize you will need have the default test account Seller Dashboard open in a tab. This is just for sandbox. You’ll open the Dashboard from your Developer Dashboard.

Thank you very much Bryan for your response,

I followed the steps which you have mentioned in our last conversation and I have got the response in URL and the token is generated successfully via obtain token API.

I got the error regarding the permission issue.

I think this permission issue occurs from the SquareUp account so I have already checked the permission in the SquareUp account but I didn’t find anything related to permission.

This is the screenshot of my permission error. Please have a look on this:

Could you please help me with this?

Thanks & Regards

Was INVOICES_READ a permission that you requested when generating the token? Also you can use RetrieveTokenStatus to get a list of permissions the token has. :slightly_smiling_face: