I just want to follow up on this thread and second how frustrating it was to deal with this issue as a developer. We ended up going with the approach of having a single webhook and relying on the fact that we get webhook events from our customers via that single webhook so long as they do the oauth process with us. But NOWHERE in the square documentation does it explain that this is how things work. AND the errors you get when you try to dynamically set up webhooks for users via Oauth scopes and the square webhook api tell you that you just need to update your Oauth scope (which is incorrect). PLEASE update your documentation and/or create better error handling. You shouldn’t have to fine a dev forum post from a year ago to figure this out.
For context, even after I figured stuff out and wrote a LONG comment in our code explain what’s actually going on, another developer on my team still thought we needed to set up webhooks per customer, and was planning on doing so. The flow is just not very intuitive and needs to be explained better.
