question

jasonwang1024 avatar image
jasonwang1024 asked ·

401 unauthorized with Oauth token

I am using the API
https://apisandbox.dev.clover.com/v3/merchants/{mi...
I created a test merchant in sandbox.Right now I'm able to get results back using the API token generated from Setup -> API Tokens. However, using the token created through the OAuth returns me a 401 Unauthorized error. Is this the way it is in sandbox mode? Will it just magically work when in Production?

Also, reading from all other posts, I think the Clover team should really improve the docs, the sandbox enviroment confuses a lot of people.
Auth
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

keithryanwong avatar image
keithryanwong answered ·

Hi @jasonwang1024,

The OAuth token should work in sandbox mode as well. Can you tell me which test merchant you are using and which test application generated the OAuth token? Please double-check that the application generating the OAuth token has obtained the correct permissions. Those permissions are different from the API Token you set up through the Merchant dashboard. Once you set them, you will need to uninstall and reinstall the application to your test merchant. More information can be found here: https://docs.clover.com/build/permissions/

We appreciate your feedback! There's definitely a need to improve documentation, and our team is constantly in the process of trying to better support our developers.

Best,

Keith Wong

3 comments Share
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Thanks, it was indeed the permission issue. After setting required permissions, reinstalling the app, the new auth token worked. Thanks for the quick response!

0 Likes 0 · ·

No problem. One thing to note: the API token set up through the merchant dashboard has more limited permissions (expires regularly and you can't take payments with it), and should be used only for testing purposes. More information here: https://docs.clover.com/announcements/merchant-generated-api-token-changes-april-11-2017/

0 Likes 0 · ·

what do you mean re-installing the app? in a case of a web app there is nothing to install.

1 Like 1 · ·

Welcome to the
Clover Developer Community