Why use OAuth?

OAuth is the industry-standard protocol for online authorization. Due to the sensitivity of merchant data, Clover has implemented the OAuth 2.0 security framework.

When a merchant selects and installs your app from the Clover App Market, Clover uses OAuth to secure the communication between your app and the merchant and to grant your app the necessary access to merchant data. Your app may need to access data about Clover merchants, such as their order history or current inventory, using the Clover REST API.

For more information, see Blog: Fiddling Through Digital Keys: Clover Auth Tokens and Ecommerce Keys.

OAuth flows based on regions

Clover has introduced expiring tokens that are generated using a new v2/OAuth flow for apps in the United States and Canada. In this context, note the following:

• If you create apps for Europe or Latin America, use the v1/OAuth flow to generate OAuth API tokens. See Authenticate with OAuth—Europe and Latin America.
• If you create apps for North America—the United States and Canada, use the v2/OAuth flow to create or migrate to expiring authentication tokens with access_token and refresh_token pair. See Authenticate with OAuth—Canada and US.