question

tom-2 avatar image
tom-2 asked David Marginian Deactivated commented

Read Merchant Inventory for merchant's customer facing WebSite

I am building a pure Web Site app for my client to display their take-out menu (as a first step). It is a new restaurant and they are changing their menu frequently to keep up with customer requests. My question is that since the merchant is not using the website, how does my app access the merchant's inventory to know what to display? I can't redirect an OAuth request to the merchant for every customer access to their menu.

Is there a way the menu app can have real-time access to the merchant's inventory menu (Items and item modifiers)?

If there isn't one already, can some "merchant config" option be included into the "Add App" functionality that would let the merchant agree that the Web App has access to the merchant's data. Currently, my client just wants to display the menu, but in the future wants to allow customers to view the menu, place orders, and take payments.

So first, I need some direction for how to access the menu in the inventory, then following that, the rest of those functions.

Thanks for your help,

Tom

REST APIInventoryMerchant
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian avatar image
David Marginian Deactivated answered

Developer had a typo in the request, marchents instead of merchants.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian avatar image
David Marginian Deactivated answered David Marginian Deactivated commented

My major concern from your description is that it sounds like you plan on making Clover REST calls directly from the web browser. If so you are putting your merchants data at great risk as the access token will be exposed.

Perhaps you can have an installation process where the merchant installs the app and you obtain an access token on their behalf. You can then securely store the token on your server. Your web client can delegate to your server and the server can make calls to Clover's REST API (thus keeping the token unexposed).

9 comments
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

tom-2 avatar image tom-2 commented ·

Hi David,

Actually, I have a Node.js server running which does the call-out to the Clover REST API. So, merchant data will be protected and only intended customer facing data will be sent to the web page.

I can certainly create a database to store Merchant tokens. How long would it be valid? Would I need the merchant to periodically sign in and re-validate the token (seems like a nuisance to the merchant)?

From my Node.js server (and this is the reason for my question), I keep getting an http code 405 returned and I can't find any documentation from Clover on why I would get that code. Just to be thorough, I am using Node.js, Node Express, and Axios to make the call-out to the Clover REST API. What has been particularly annoying is that I copy out the call from my code (after letting JavaScript resolve all the variable and paste it into PostMan and it works. It only fails from Node.js.

Thanks,

Tom


0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ tom-2 commented ·

Tokens expire after 1 year. Can you include the request you are making in a private/moderators only post?

0 Likes 0 ·
tom-2 avatar image tom-2 David Marginian ♦♦ commented ·

Hi David,

I would if I knew how to do that. Please send me instructions on how to post in a moderators only post.

Thanks,

Tom


0 Likes 0 ·
Show more comments

Welcome to the
Clover Developer Community