question

hladdha avatar image
hladdha asked hladdha commented

Verify device connectivity with v2 expiring access token

I'm trying to setup rest pay api with our backend systems for a client to integrate clover payments with our webapp.
When I try to run the API (https://docs.clover.com/reference/ping_device) -


curl --request GET \

--url https://sandbox.dev.clover.com/connect/v1/device/ping \

--header 'X-Clover-Device-Id: C032UQ01250558' \

--header 'X-POS-Id: KNOTTYPINE' \

--header 'accept: application/json' \

--header 'authorization: Bearer XXXX'
So when I try to run this request with my permanent access token it works and I get -
{ connected: true }

But when I generate an expiring token and run the same request with it -

I get -

{ "message": "Unauthorized", "requestId": "13c4f5e2-17637", "requestType": "PING_DEVICE_GET", "type": "UNAUTHORIZED"}

I've also tried other endpoints like -
https://apisandbox.dev.clover.com/connect/v2/device/ping
{ "message": "Unauthorized", "requestId": "86f7855f-17644", "type": "UNAUTHORIZED"}
{ "message": "Unauthorized", "requestId": "86f7855f-17643", "requestType": "PING_DEVICE_GET", "type": "UNAUTHORIZED"}

Can someone please explain which endpoints to use with the new expiring tokens?
Or what am I missing here?
Also on another note, will all other endpoints like sending payment requests to device etc.
will they also be using v2 endpoints for expiring tokens? or the same v1 endpoints only?
REST APIOAuthAPI Token
8 comments
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

bryanvargas avatar image bryanvargas ♦♦ commented ·

Please read through our Unauthorized docs: https://docs.clover.com/docs/401-unauthorized

Also, please make sure your token is correct and valid

0 Likes 0 ·
hladdha avatar image hladdha bryanvargas ♦♦ commented ·
Well, we're using the correct merchant ID, the access tokens were freshly generated using a refresh token. The app has all permissions from the merchants. Still the endpoints are returning unauthorized.
0 Likes 0 ·
parquet76 avatar image parquet76 hladdha commented ·
Maybe Rest Pay Display validates tokens via the old endpoint and Clover needs to make some changes to support the new tokens?
0 Likes 0 ·
hladdha avatar image hladdha bryanvargas ♦♦ commented ·
@bryan.vargas are you from the clover team? Would you be able to validate this? Is the RPD validating tokens via the old endpoint or the new one now?
0 Likes 0 ·
hladdha avatar image hladdha commented ·

Upon further investigation, we've managed to validate that with the new expiring access token we're getting response from most, if not all platform API endpoints like -
https://apisandbox.dev.clover.com/v3/merchants/BXQE4CJT1WBG1/payments

But any of the Rest Pay Display API with the cloud pay display

https://sandbox.dev.clover.com/connect/v1

https://sandbox.dev.clover.com/connect/v2

https://apisandbox.dev.clover.com/connect/v1

https://apisandbox.dev.clover.com/connect/v2

Still are returning the same unauthorized response with the same access token that works successfully with platform APIs.
The app type we're using to generate oauth token is semi integrated - web, does that have any impact on the restpay API?
Do we need any separate permissions from the merchant / device to access the device using cloud pay display endpoint?

0 Likes 0 ·
parquet76 avatar image parquet76 hladdha commented ·
I suspect RPD is validating tokens via the old endpoint, if so, an update is required. Now you have to convince Clover of that, good luck.
0 Likes 0 ·
hladdha avatar image hladdha parquet76 commented ·
How do I reach out to clover to get them to investigate this issue at least?
0 Likes 0 ·
Show more comments

0 Answers

·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community