question

hamza319 avatar image
hamza319 asked hamza319 commented

Do I need to publish my application to use the ecommerce api?

I am building a custom website for a client. They use a Clover POS and want to use Clover for online order payment processing. From what I understand by reading the docs, I need to specify a domain for CORS, so the API tokens are tied to my domain. This leads me to believe that I need to publish an app, which then my client installs and only then they can consume the ecommerce payment API. Correct?

I that's the case, how do I stop random people from installing the app? Cus' it will only be for my client. Or am I missing something here? and i can just use the ecommerce by some other means

e-commerce api
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
David Marginian avatar image
David Marginian Deactivated answered hamza319 commented

You shouldn't have to have a token that supports CORs because you shouldn't have to make requests to the Clover API from the browser. You can make the requests on your server and send the results to the browser - problem solved. If you are just using the Ecommerce APIs with our iframe integration that's what you should be doing anyway (payment calls should be performed from your server, not the web browser). So your first option is to use a merchant token and avoid making calls to our API from the browser. The second option is a private app. Ping appmarketbusiness@clover.com for more information about private apps and to see if they would be a good fit for you if you want to go this route.

1 comment
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

hamza319 avatar image hamza319 commented ·

Perfect! Looks like the merchant token is what I was missing. I'll look into that more, but seems like that's the missing piece. I was planning on using the iFrames, PCI compliance not note something I want to get into.

Thanks for you help, David.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community