• Example searches: “transaction”, “CreateOrder”, “/v2/locations”, “inventory”, “delete customer”

You are viewing an old version of the API
Authorize

GET /oauth2/authorize

Presents a Permission Request form that returns an access code to be exchanged during the OAuth flow for a valid OAuth access token.

To send users to the Permission Request form and start the OAuth flow, configure a link with the desired permissions that directs users to the OAuth Authorization endpoint.

In the event of an error, Authorize returns an error response (error and error_description). If the failure is a result of the user denying the request, the value is access_denied with a description of user_denied.

Name Description
client_id
string

Required

The Square-issued ID of the application requesting permissions.

scope
string

OPTIONAL

A space-separated list of the permissions the application is requesting. Default: "MERCHANT_PROFILE_READ PAYMENTS_READ SETTLEMENTS_READ BANK_ACCOUNTS_READ"

locale
string

OPTIONAL

The locale to present the permission request form in. Square detects the appropriate locale automatically. Only provide this value if the application can definitively determine the preferred locale.

Currently supported values: en-US, en-CA, es-US, fr-CA, ja-JP.

session
boolean

If false, the user must log in to their Square account to view the Permission Request form, even if they already have a valid user session. Default: true

state
string

OPTIONAL

When provided, state is passed along to the configured Redirect URL after the Permission Request form is submitted. You can include state and verify its value to help protect against cross-site request forgery.

Response Fields

Name Description
code
string

A valid authorization code. Authorization codes are exchanged for OAuth access tokens with the ObtainToken endpoint.

Max Length 191
state
string

The same value specified in the request.

Min Length 1 Max Length 2048

Examples

You are viewing an old version of the API
GET /oauth2/authorize
cURL
https://connect.squareup.com/oauth2/authorize
Response JSON
{
  "code": "VALID_AUTHORIZATION_CODE"
}

Share Feedback

Thanks for visiting the Square API documentation. What's on your mind?