Is it possible to send a webhook notification when a Square account grants access to an application? I see oauth.authorization.revoked in the docs but only for revoked authorizations. If the answer is negative, could you please tell me if it’s feasible as an enhancement so I can request the feature?
I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:
If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.
Currently, Square’s OAuth API only supports the “oauth.authorization.revoked” webhook event, which notifies an application whenever a seller revokes all access tokens and refresh tokens granted to the application. There isn’t a corresponding webhook event for when a Square account grants access to an application.
As for your suggestion about this being a potential enhancement, while it’s a good idea, I don’t have the ability to implement new features or make changes to the API. I would recommend reaching out to Square directly through their official channels to suggest this feature.
It’s not unreasonable to consider the whole oAuth process as a webhook, assuming it’s hitting the same place you use as the oAuth redirect point.
If the oAuth redirect point is not the site you want to know, you could implement a simple webhook-like push of a JSON packet to the remote site. Probably goes without saying, I’m not at all sure how you’d secure this and you’d need to put some careful thought into that - you don’t want random sites pushing oAuth notifications to your remote/child sites, of course.