I’m trying to get my head wrapped around how the Customer API flow works.
I am aware of this workflow graphic on this page.
Customers API Workflows (squareup.com)
The way I understand it is that after I collect customer information on my frontend, I will do a “search customers” request with that phone number or email. If we match, we return the customer object. My question is how we validate that the user is who they say they are? Would it technically be safe to collect the customer information, make them verify their email on my frontend, and then make the request to Square with that email?
I want to ensure that not anyone can just create an account with a phone number or email and get linked to a customer that is not actually them. I’m curious what others are doing in this regard.
Currently, there isn’t a way to add additional validation to confirm the customer is who they say they are by confirming a verification from an email that’s sent to the email address or confirming from a SMS. We’re constantly working to improve our features based on feedback like this, so I’ll be sure to share your request to the API product team.
That is good to know. I’m curious how others are handling this. I wonder if they are handling it on their own.
Not sure what others are doing, but at some point you have to trust they are who they say they are. What's your biggest concern with this? Is it duplicate profiles?
I’m more paranoid than anything.
I just want to prevent the ability for someone to register as someone else’s email and potentially access their customer data. I suppose if I get them to verify their email on initially logging into my UI, then that would probably solve it.
There is that potential too for duplicate profiles. But it looks like if I merge those accounts then it doesn’t matter which customer_id I use.
If you're that worried about access to the customer data, you can choose to not show any of the customer data or allow for any changes within your UI. You can email them a change form or a verification code to then enter to make any changes. That way they have to have access to the email to access the information.
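One way to build the verification-code gate suggested in the reply above, as an added example that is not from this thread or from Square's SDK: a one-time code is e-mailed to the address the user typed, only its hash is stored, guesses are counted and the code expires, and the customer lookup by e-mail runs only for an address that passed verification. The Square `SearchCustomers` call is replaced by a constructed in-memory customer list (`FAKE_CUSTOMERS`); the code length, the 10-minute lifetime, the 5-attempt limit and the function names are assumptions for illustration.

```python
from __future__ import annotations
# Added example, not code from the thread or from Square: gate the
# "search customers by e-mail" lookup behind a one-time code sent to that
# address, so only someone who controls the mailbox gets linked to the
# matching customer record. Lifetime, attempt limit and names are assumptions.
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

CODE_TTL_SECONDS = 600   # assumption: a code is valid for 10 minutes
MAX_ATTEMPTS = 5         # assumption: discard the code after 5 wrong guesses


@dataclass
class PendingCode:
    code_hash: bytes
    expires_at: float
    attempts: int = 0


# normalized e-mail -> pending code (in memory here; use a DB or Redis in production)
_pending: dict[str, PendingCode] = {}
_verified: set[str] = set()


def normalize_email(email: str) -> str:
    return email.strip().lower()


def _hash_code(email: str, code: str) -> bytes:
    # Bind the hash to the address so a code cannot be replayed for another e-mail.
    return hashlib.sha256(f"{email}\x00{code}".encode()).digest()


def issue_code(email: str, now: float | None = None) -> str:
    """Create a fresh 6-digit code for the address and return it so the caller
    can e-mail it. Only the hash is stored; any earlier verification is reset."""
    now = time.time() if now is None else now
    email = normalize_email(email)
    code = f"{secrets.randbelow(10**6):06d}"
    _pending[email] = PendingCode(_hash_code(email, code), now + CODE_TTL_SECONDS)
    _verified.discard(email)
    return code


def verify_code(email: str, code: str, now: float | None = None) -> bool:
    """Return True once for the right code; expired or over-guessed codes are dropped."""
    now = time.time() if now is None else now
    email = normalize_email(email)
    pending = _pending.get(email)
    if pending is None:
        return False
    if now > pending.expires_at or pending.attempts >= MAX_ATTEMPTS:
        del _pending[email]
        return False
    pending.attempts += 1
    # Constant-time comparison so the guess count, not timing, is the only signal.
    if not hmac.compare_digest(pending.code_hash, _hash_code(email, code)):
        if pending.attempts >= MAX_ATTEMPTS:
            del _pending[email]
        return False
    del _pending[email]          # single use
    _verified.add(email)
    return True


# Constructed stand-in for the customer directory; in production this would be
# a Square Customers API search with an exact e-mail filter.
FAKE_CUSTOMERS = [
    {"id": "CUST_A", "email_address": "alice@example.com"},
    {"id": "CUST_B", "email_address": "bob@example.com"},
]


def search_customer_by_email(email: str) -> dict | None:
    for customer in FAKE_CUSTOMERS:
        if normalize_email(customer["email_address"]) == normalize_email(email):
            return customer
    return None


def link_customer(email: str) -> dict | None:
    """Look up the customer record only for an address that passed verification."""
    email = normalize_email(email)
    if email not in _verified:
        raise PermissionError("e-mail address not verified")
    return search_customer_by_email(email)


if __name__ == "__main__":
    code = issue_code("alice@example.com")       # would be e-mailed, never shown in the UI
    print("verified:", verify_code("alice@example.com", code))
    print("linked:", link_customer("alice@example.com"))
```

The point of the ordering is that the Square lookup never happens for an unverified address, so a visitor who registers with someone else's e-mail gets no customer data back; pairing this with a per-address rate limit on `issue_code` keeps the mailbox from being spammed with codes.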
Yeah that is what I am thinking.
Thanks for the feedback! I appreciate it.