question

bobbygill avatar image
bobbygill asked Mark Mullan Deactivated answered

Best practice for authenticating Clover app against custom web service

We are building a Clover app that will be working against a web service we are developing (ie. No interaction with the Clover REST API). I am looking at how we should best secure the web service and the app so that the web service can authenticate each caller and prevent outside parties from making calls to its operations that should be coming from the Clover app we are building.

Normally I'd solve this by creating a login/password authentication mechanism and then using a traditional form of token authentication. However, is this the best practice when developing a Clover app?

It feels weird that if someone is unlocking the Clover device that they are then also asked to login to our specific app. Is there any facilities in the Clover SDK to help with this problem?

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

Mark Mullan avatar image
Mark Mullan Deactivated answered

Hi Bobby,

Glad to hear you're working on a product for our App Market! Couple things:

  • In order to be listed on the App Market, your app must interact with the Clover REST APIs in some way. During the approval process, members of our team will have you demonstrate some of the ways in which you do this. This interaction can be simple; as an example, if a merchant launches your application for the first time, and they need to register an account with you, we would want you to make calls to our API to retrieve information about the merchant that you can use to pre-populate signup form fields. We want the merchant experience from Clover->Your app to be a positive one.
  • Our best practice for accomplishing this is through Clover OAuth.
  • For a comprehensive explanation, thiswould be the best place to start. Please feel free to reference DevAsk, post additional questions, or email dev@clover.com if you need any clarification as you walk through our docs.

Thanks,

Mark

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community