Square API Integration Profile

Generates code to authorize a mobile application to connect to a Square card reader.

Authorization codes are one-time-use codes and expire 60 minutes after being issued.

Important: The Authorization header you provide to this endpoint must have the following format:

Authorization: Bearer ACCESS_TOKEN

Replace ACCESS_TOKEN with a valid production authorization credential.

RenewToken is deprecated. For information about refreshing OAuth access tokens, see Migrate from Renew to Refresh OAuth Tokens.

Renews an OAuth access token before it expires.

OAuth access tokens besides your application's personal access token expire after 30 days. You can also renew expired tokens within 15 days of their expiration. You cannot renew an access token that has been expired for more than 15 days. Instead, the associated user must recomplete the OAuth flow from the beginning.

Important: The Authorization header for this endpoint must have the following format:

Authorization: Client APPLICATION_SECRET

Replace APPLICATION_SECRET with the application secret on the Credentials page in the Developer Dashboard.

Revokes an access token generated with the OAuth flow.

If an account has more than one OAuth access token for your application, this endpoint revokes all of them, regardless of which token you specify.

Important: The Authorization header for this endpoint must have the following format:

Authorization: Client APPLICATION_SECRET

Replace APPLICATION_SECRET with the application secret on the OAuth page for your application in the Developer Dashboard.

Returns an OAuth access token and a refresh token unless the short_lived parameter is set to true, in which case the endpoint returns only an access token.

The grant_type parameter specifies the type of OAuth request. If grant_type is authorization_code, you must include the authorization code you received when a seller granted you authorization. If grant_type is refresh_token, you must provide a valid refresh token. If you're using an old version of the Square APIs (prior to March 13, 2019), grant_type can be migration_token and you must provide a valid migration token.

You can use the scopes parameter to limit the set of permissions granted to the access token and refresh token. You can use the short_lived parameter to create an access token that expires in 24 hours.

Note: OAuth tokens should be encrypted and stored on a secure server. Application clients should never interact directly with OAuth tokens.

Returns information about an OAuth access token or an application’s personal access token.

Add the access token to the Authorization header of the request.

Important: The Authorization header you provide to this endpoint must have the following format:

Authorization: Bearer ACCESS_TOKEN

where ACCESS_TOKEN is a valid production authorization credential.

If the access token is expired or not a valid access token, the endpoint returns an UNAUTHORIZED error.

Provides summary information for a merchant's online store orders.

Provides comprehensive information for a single online store order, including the order's history.

Updates the details of an online store order. Every update you perform on an order corresponds to one of three actions:

Activates a domain for use with Apple Pay on the Web and Square. A validation is performed on this domain by Apple to ensure that it is properly set up as an Apple Pay enabled domain.

This endpoint provides an easy way for platform developers to bulk activate Apple Pay on the Web with Square for merchants using their platform.

Note: The SqPaymentForm library is deprecated as of May 13, 2021, and will only receive critical security updates until it is retired on October 31, 2022. You must migrate your payment form code to the Web Payments SDK to continue using your domain for Apple Pay. For more information on migrating to the Web Payments SDK, see Migrate to the Web Payments SDK.

To learn more about the Web Payments SDK and how to add Apple Pay, see Take an Apple Pay Payment.

Returns a list of BankAccount objects linked to a Square account.