Hi! I can successfully create a terminal checkout that displays on the device when I call the create checkout from the same wifi network but cannot when i send the request from a different network (the checkout still creates fine but does not show up on the terminal device). This is an issue when Im trying to call create checkout from a server, the server is not hosted on the same network so the checkout creates but never displays to the terminal device. How do I get those checkout requests to show up?
Hi @lauren1962, I just tested with two different networks and the checkout request worked as expected. Are you using a different device_id or do you have any additional information? Also what is your application Id?
Hmm… Ill try re setting things up then. App id is sq0idp-pSVbci_ISswHPfgT8EP-vg
Ahh, so I found the network doesnt actually seem to be my issue, its because the access token that Im using is for a different account - the terminal device is registered to the application but im trying to create a checkout on behalf of another square account using the application terminal, the application is authorized to create payments for the account so the checkout creates fine but never pushes to the terminal device, @Bryan-Square is there a way to allow that or is that not supported?
Was the device paired before or after the authorization and did you us the access token that was returned from the ObtainToken call when authorizing?
@Bryan-Square no, the account was authorized for my app first then the device was paired, and yes the access token for the account was from the obtain token response.
Specifically authorized for these permissions:
PAYMENTS_WRITE_ADDITIONAL_RECIPIENTS
PAYMENTS_WRITE
PAYMENTS_READ
According this documentation its only payments write permission https://developer.squareup.com/docs/oauth-api/square-permissions thats need for terminal checkout and I can successfully create the checkout object so was guessing its not a permission issue on the end of the account im trying to take the payment for but was wondering if theres something I need to do on my applications account to allow the device to be used since the issue is just that its not showing up on the terminal device.
Hey @lauren1962, when you authorized did you also include DEVICE_CREDENTIAL_MANAGEMENT? In order to make this work you will need to do the following:
- Authorize with at least the following permissions:
DEVICE_CREDENTIAL_MANAGEMENT
MERCHANT_PROFILE_READ
PAYMENTS_WRITE_ADDITIONAL_RECIPIENTS
PAYMENTS_WRITE
PAYMENTS_READ - CreateDeviceCode with the access token from OAuth and pair to the Terminal.
- Then use the OAuth access token to CreateTerminalCheckout which can be on a separate network than the Terminal device.
Ahh, so just to clarify, then I need DEVICE_CREDENTIAL_MANAGEMENT permission for BOTH the account the payment is posting too & the account that the device is paired too (which is my application account so should already have that)?
Just tried adding that and still not seeing it show up - you mentioned using the oauth token to create the device code, in my flow the deivce code is created by and belongs to the application with its access token but the payment is taken on behalf of the authorized account using the oauth generated token, is that just not supported?
The usecase is that the terminal device can be used to process payment for multiple accounts that have authorized PAYMENTS_WRITE to the application, so it needs to belong to the application not the individual accounts
The device code will also need to be created with the OAuth access token. It will still be your application that is creating it but in order for payments to post to he authorized account all device_ids and requests to Square will need to be done with the OAuth token.
Ok thanks for helping! I might reopen as a feature request then, would be helpful to be able to process payments on a device owned by the application instead of the user
ie. usecase above: a single terminal device can be used to process payment for multiple accounts that have authorized PAYMENTS_WRITE to the applications