Hi Clover, I'm finding it difficult to understand the difference between the clover auth tokens and the app secret.
I'm using the app secret as the API key to send notifications to a merchant. However, despite having requested all read and write permissions. For example, I'm unable to GET /merchants or /orders using the app secret. I can only get non-notification data using either a generated API token or the by getting the auth token from the clover device. Is that intended or am I doing something wrong?