We moved from stripe to square and developer was trying to setup sandbox, after submitting the test card and we click on order now, we are receiving this error Unexpected token ‘<’, "<!DOCTYPE "… is not valid JSON.
we did our best dont know what is the error, we copies the same token and everything. Need help
I got the email with the link to your site and it looks like the token was correctly returned from the Web Payments SDK. However the request to CreatePayment isn’t making it to Square. There is something erroring out in your order-store network request.
I will work and update you again thank you
Hi Bryan,
We are using laravel SDK version 43 and when we are sending a request, it gives an authentication error. So Can you suggest the solution accordingly?
Thanks,
Muhammad.
So your now getting an AUTHENTICATION error from Square servers? If so that’s a configuration issue. You’ll want to make sure your using the correct credentials for the environment your targeting.
Hi Square Developer Team,
We are integrating Square using the PHP SDK v43 in a Laravel application.
We have confirmed that the Web Payments SDK returns the nonce successfully, but our backend CreatePayment request still fails with:
Square\Exceptions\ApiException: AUTHENTICATION_ERROR (401)
"This request could not be authorized."
We have triple-checked our configuration and want your help confirming what may still be incorrect on our end.
Here is our current environment setup:
SQUARE_ENVIRONMENT=sandbox
SQUARE_ACCESS_TOKEN=SandboxAccessTokenCopiedFromDashboard
SQUARE_LOCATION_ID=SandboxLocationIdCopiedFromDashboard
We cleared config caches (php artisan config:clear)
We verified that Laravel is reading the correct values
The token prefix logged in our Laravel app matches the Sandbox Access Token in our Square dashboard
The Location ID is also from the same Sandbox application
The applicationId used in JavaScript begins with sandbox-
We also tested the token directly outside Laravel using listLocations() and it works successfully, so the access token is valid.
However, inside our Laravel app, the call to createPayment() returns AUTHENTICATION_ERROR every time — no request is reaching Square servers.
Is the JavaScript reference in the head of the page sandbox.web.squarecdn.com/v1/square.js?
Hello!
That error means your app expected a JSON response but got an HTML page instead—usually due to using the wrong Square API endpoint, missing headers, or a token mismatch. Make sure you’re calling the sandbox URL, using the correct sandbox token, and setting Content-Type: application/json. Also log the full response to see what’s actually returned.
@shirtsexpert Please NEVER share the access token. They are secret. Please recycle the access token that you posted immediately.
As for your error, if your getting an authorization error something isn’t configured correctly with your environment.
Hi Team,
Thank you for the response — and noted regarding the access token. We have already recycled the token for security.
We are still experiencing the same authorization error, even while using the correct Sandbox environment URL and the Sandbox access token. We would really appreciate your guidance to confirm exactly what might be misconfigured in our environment that could be causing this issue as that was the reason for sharing the access token with you so you can confirm the exact problem.
Additionally, if possible, could someone from the API team please join us on a quick call or screen-share session so we can walk through the setup together and resolve the issue faster?
Thank you for your support, and we look forward to your assistance.
Best regards,
shirtsexpert Dev Team
Can you confirm if the JavaScript reference in the head of the page sandbox.web.squarecdn.com/v1/square.js ?
We have already used this. Please check below script.
form.blade.php
Credit Card Payment @if(env('SQUARE_ENVIRONMENT') === 'production') @elseWhat is the link to your site so I can inspect it?
Please find below link for live website and staging both.
I didn’t see the form field on the production site but on staging the SDK returned the tokenized card data but it failed at your order store functions.
That what I want to analyze what is wrong in the order environment so I can make that correct. We have to implement it on a live domain for testing as well? As we are doing it on staging first.
Okay, however I’m not sure I’ll be much help with that since it’s not code that I have access to or am familiar with. The Square provided SDK did it’s job and returned the nonce and now its up to your code flow to pass that to your server and call CreatePayment.
