question

tier1marketing asked Mar 26, '24 tomdanny answered Mar 28, '24

Private App Merchant Authentication

Given that I am creating a custom Clover app for an e-commerce application that is integrated with Clover, it includes a payment gateway integration and inventory sync. We already built it, we've connected it using a sandbox, and works as expected.

Our app will not be public, it is only for one single user / merchant.

I've been told that, since it is a private app, it does not have to go through approval, being that approval can take six weeks or more, I would like to get my app connected to the live merchant account.

On another thread, I got a response that said just to use the "client token", but I cannot find the reference in the documentation for this, I'm kind of lost on what has to be done and by who.

Our client is a large team, and we have access to one of the Admins clover account, but not the owner account.

I know from the documentation that authenticating the app requires the special link

https://www.clover.com/oauth/authorize?client_id={APPID}

Here are my questions,

Can an merchant admin authenticate the app to the merchant account? Or only owners?
Since it's a private app, should I be using the code method or the token method? - see image below
Do I just get the Merchant Tokens from the admin setting area? - see image below

OAuth auth tokens

tempest-rental-app-frame-2.jpg (265.7 KiB)

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

parquet76 answered Mar 26, '24 parquet76 edited Mar 26, '24

You should probably provide a bit more information on exactly what APIs you are using. For example, if you are using webhooks, you will need an app. If you are just using e-commerce/rest APIs then you can use a merchant token which can be created in the API tokens and ecommerce API tokens section you have highlighted in the screen shots. I believe that I've been will be able to create these tokens for you. Question 2 does not apply since you won't be obtaining a token via oauth.

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

pravesh2626 answered Mar 27, '24

actually i want to install my app to Marchant account, it that possible to install the app without approved ?

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

thedangler answered Mar 27, '24

You have to have 2FA enabled to get the tokens.
One thing that is not clear is if there is a what tokens let you do everything.
Also, in sandbox if you enable 2FA it might cause issue with you loggin into your dev account.
I was locked out for a week until dev team turned off 2FA for the test merchant account so I can't even generate tokens because it breaks lol.

And webhooks still aren't working.

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

tomdanny answered Mar 28, '24

Explore Private App Merchant Authentication exclusively at Sharaf DG Deals. Enhance security measures and protect sensitive data with this authentication solution tailored for merchants. Just as Sharaf DG Deals offers unbeatable discounts and promotions, this opportunity provides access to advanced security features for businesses. Safeguard your confidential information and streamline authentication processes with Private App Merchant Authentication. Access exclusive content now and ensure the security of your merchant applications with Wow Deals 360.

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community