Not authorized to access orders with location_id while creating a order checkout

Questions
1

Hello Folks,

I am trying to create a payment and transfer the amount to a connected merchant account and I’m stuck with the error as below,

“errors”:
[{“category”:“AUTHENTICATION_ERROR”,
“code”:“FORBIDDEN”,
“detail”:“Not authorized to access orders with location_id=MLNFQ7QGFRX4B”}]

I have two different account where one I’m using as inter mediator to transfer amount to merchant account directly from end users

and I’m not able to achieve the requirement do help me out with the same.

Here’s my code,

	$client = new SquareClient([
		'accessToken' => env('SQUARE_ACCESS_TOKEN'),
		'environment' => Environment::SANDBOX,
	]);

    $amount_money = new \Square\Models\Money();
	$amount_money->setAmount(10000);
	$amount_money->setCurrency('USD');

	$app_fee_money = new \Square\Models\Money();
	$app_fee_money->setAmount(1500);
	$app_fee_money->setCurrency('USD');

	$body = new \Square\Models\CreatePaymentRequest(
		$pay_nonce,
		$sales_dets->sale_id,
		$amount_money
	);
	$body->setAppFeeMoney($app_fee_money);
	$body->setAutocomplete(true);
	$body->setLocationId($square_dets->square_merchant);
	$body->setReferenceId($sales_dets->student_id);
	$body->setNote('Brief description here');

	$api_response = $client->getPaymentsApi()->createPayment($body);

Thanks & regards,
Anil

2

:wave: Hi Anil, are you using an OAuth access token generated from OAuth for the account you’re trying to take the payment on behalf of? :slightly_smiling_face:

3

Hi Bryan,

I tried plenty of ways to resolve my issue nothing worked.

at last, I figured out that I am supposed to use the merchant access_token stored while connecting the account, and the location id is supposed to be the developer’s account used as a mediator in the applications side.

after changes this is how my code looks,

	$client = new SquareClient([
		'accessToken' => $merchant_square_access, //Merchants access token
		'environment' => Environment::SANDBOX,
	]);

    $order = new \Square\Models\Order(env('LOCATION_ID')); //Developer's account location id

	$price_money = new \Square\Models\Money();
	$price_money->setAmount(15000);
	$price_money->setCurrency('USD');

	$quick_pay = new \Square\Models\QuickPay(
		'Testing Quick Pay',
		$price_money,
		env('LOCATION_ID') //Developer's account location id
	);

	$body = new \Square\Models\CreatePaymentLinkRequest();
	$body->setIdempotencyKey('bae2e9c0-479a-4fba-b835-9792e56f2cb0');
	$body->setQuickPay($quick_pay);
	$body->setSource('');

	$api_response = $client->getCheckoutApi()->createPaymentLink($body);

	if ($api_response->isSuccess()) {	
		$result = $api_response->getResult();
	} else {
		$errors = $api_response->getErrors();
	}

Thanks for response, do check my code and please let me know If I’m following the correct way

4

Glad to hear you figured it out. All looks good! :slightly_smiling_face:

1 Like
5

Look like the user placing the order is not authenticated user. Order was possibly placed by an anonymous user hence forbidden.