question

Nimila Hiranya avatar image
Nimila Hiranya asked David Marginian Deactivated answered

App Secret Usage Warning

We've recently received an email from Clover, with regards to the usage of App Secret instead of an Auth Token.

Upon investigation, we found out that we're using the App Secret on the following endpoints.

/v3/apps/{appId}/merchants/{merchantId}/billing_info
/oauth/token

The Billing Info endpoint will be changed immediately to use the Auth Token. We want to clarify the usage of App Secret in OAuth Token endpoint.

We have implemented the flow as mentioned on Using OAuth 2.0 on Clover. Do we have to change this endpoint as well to comply with the requirement? If so how to proceed with it?

OAuth
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
David Marginian avatar image
David Marginian Deactivated answered

The app secret is required to obtain an oauth token. You do not need to adjust your oauth flow. However, you will need to adjust your usage of the billing endpoint to use an oauth token (not app secret). Does this answer your question?

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community