question

davedreyer avatar image
davedreyer asked davedreyer commented

Authenticating against REST API

I've read some of the articles related to authenticating against the REST API and still haven't gotten my question answered. I'm trying to authenticate against the authorizations list endpoint in the REST API: https://sandbox.dev.clover.com/v3/merchants/{mId}/authorizations

I've set my Authorization header with the token I retrieved through the oauth flow (which I am able to use successfully for payments using the remotepay SDK). However, I always get 401 unauthorized when attempting to call this endpoint in the REST API. Am I not able to use oauth tokens for this? Do I need to create an API token for the merchant in the Clover portal instead?



OAuth
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
David Marginian avatar image
David Marginian Deactivated answered

That endpoint requires Payment Write, does your app request that permission?

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

davedreyer avatar image
davedreyer answered davedreyer commented

Looks like I only had payment read. I added write permissions but I'm still getting the same issue.

4 comments
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian avatar image David Marginian ♦♦ commented ·

You need to uninstall and reinstall your application from the Clover dashboard for the new permissions to take affect - https://docs.clover.com/docs/401-unauthorized#check-your-apps-permissions.

0 Likes 0 ·
davedreyer avatar image davedreyer David Marginian ♦♦ commented ·
Thanks David. That did the trick in sandbox. What's different for prod? Would I still need to uninstall the app for each merchant and reinstall the app after applying the correct permissions to the app?
0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ davedreyer commented ·
Yes, so you need to make sure you test your app and understand what permissions it requires. The merchant needs to authorize the permissions your integration requires and this can only be done at install time.
0 Likes 0 ·
Show more comments

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community