OAuth Flow Challenges

I’m attempting to follow this guide in order to authorize my application to act on behalf of another application. Once I get to the authorize step, I encounter the following error:

    "message": "To start the OAuth flow for a sandbox account, first launch the seller test account from the Developer Dashboard.",
    "type": "bad_request"

I’m running this while logged into the dev sandbox, having launched the test account for which I’m requesting access. Is there something else that needs to be done before making this call?


That should be it. Are you in the same window as the Sandbox Seller Dashboard (not a private window etc) when opening up the OAuth authorize link? Have you tried with it in a different tab?

I see. Yes, it works for me when I navigate to the URL from the same window. I’m envisioning a web page where a user can click on the link to grant access - is it a requirement that the user clicks the link in the same window as their open Dashboard?

Not in production, no :). This is just one of the limitations of the Square Sandbox; you must have the Square Seller Dashboard open and logged in to use the OAuth authorize.

In a production setting, you can give the OAuth authorize url to the merchant/restaurant you want to onboard, and it will handle the rest. It will require them to have a Square account and be logged in (but it will provide links to do so in a more reasonable manner). The production OAuth url can be used anywhere and opened however.

1 Like