Hi Clover Community,
I was doing some tests earlier to isolate a specific bug where our Oauth2 return URL was not being followed for certain users. It specifically affects new merchants with no current app subscription. We use this URL when it comes back from Clover
- To validate that it is a legitimate request.
- To know the UUID of the UI to update if the origin is from our app UI and not the Clover App Market.
The return URL is being constructed with query parameters on our end for the above reasons. ( It could be a URL path, it would do the same, and the results of these tests are exactly the same. )
If the merchant has boarded once with any employee, it redirect to the redirection URL fine, and if query parameters were passed in, it appends them at the end of the usual merchant, app and employee UUID that is returned by Clover.
However, if the merchant has NOT boarded on the app yet, or has uninstalled it. The Oauth2 return URL is ignored and the new window being opened after selecting a subscription is the App Config's "Site URL".
This is the only time I've implemented Oauth2 where my return URL is completely disregarded.
If there is an undocumented way, or if I've missed documentation documentation added within the last year, I would really appreciate being pointed in the right direction.