question

kacyjames avatar image
kacyjames asked ·

Retrieving an Auth Token for Remote Pay Cloud

I'm currently using the remote pay cloud library for JavaScript and am getting a 401 when I attempt to connect to the clover hardware specified in my CloverConnectorFactory. I'm currently using my app secret key where the oauthToken would go below. Is that correct? If not, how would I go about obtaining an oauth key in the sandbox environment. It wasn't immediately clear after reading through https://docs.clover.com/build/oauth-2-0/. Does the user of the system have to authenticate through a login page each time, or is this something that can be done silently when the application starts (after the user logs in with our company's own auth?)

const connector = new clover.CloverConnectorFactory().createICloverConnector({      'oauthToken': '<redacted>', // <-- Is this the app secret, or a key retrieved from auth?       
    'merchantId': '<redacted>',      
    'clientId'  : '<redacted>',      
    'remoteApplicationId': '<redacted>',      
    'deviceSerialId': '<redacted>',      
    'domain': 'https://sandbox.dev.clover.com/'    
});
Remote Pay CloudCloud Pay Display
2 comments
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

What version of remote-pay-cloud are you using? 1.2.0?

0 Likes 0 · ·
Yes, I'm using remote-pay-cloud 1.2.0
0 Likes 0 · ·
rachel avatar image
rachel answered ·
The short answer: the value for the key 'oauthToken' should be an OAuth token, not the app secret.

The longer answer: Try removing the oauthToken key-value pair from the configuration object. Given the type of configuration you're using, Remote Pay Cloud will attempt to gather the information it needs if that information is not provided. This process may involve redirection of the page and XHR requests, all of which are performed using default browser objects. This requires that the app has a Site URL, CORS Domain, and is returning a Code. You can edit the app's web settings from your Developer Dashboard. Also, the app needs Merchant Read permissions. Permissions are set when an app is installed, so if you changed the app's permissions, you'll have to uninstall and reinstall the app by visiting the App Market from your test merchant's Merchant Dashboard.

Alternatively, you can implement our OAuth flow in your web app and then store the resulting token. Then, when a merchant returns to your site and logs in with your company's auth, you can retrieve their token from your database and they don't have to re-auth through Clover.

As you can read at CloverConnectorFactory.ts, the configuration you're using is a legacy configuration. Remote Pay Cloud 1.2.0 introduces a new type of connector configuration that doesn't rely on browser objects, if that's a requirement you have.
2 comments Share
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Thanks for the detailed response Rachel! The flow worked when I removed the oauthToken key and I was able to connect to the hardware (through a redirect to the clover portal where I was prompted for my username and password) I kept seeing mention of the legacy connector being created in the logs, but thought nothing of it because that method of connecting is suggested by the documentation.

Is there updated documentation for the non-legacy connector object?
0 Likes 0 · ·

Hi Rachel. I'd definitely be interested in learning about how to use the new type of connector configuration that doesn't rely on browser objects.

0 Likes 0 · ·
racheladmin avatar image
racheladmin answered ·
Remote Pay Cloud 1.2.0 is written TypeScript. In the repo's README, there's an example that uses the WebSocketPairedCloverDeviceConfiguration class, but for Cloud Pay Display, you would use the WebSocketCloudCloverDeviceConfiguration class instead. The constructor takes the webSocketFactoryFunction that you specify, which can be a browser or a backend implementation, depending on how your app is structured.
Share
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community