Clover uses the OAuth 2.0 security framework for third-party developers to authenticate their apps with merchant accounts and lets them use Clover public REST APIs on behalf of the merchant.

Use API tokens for testing in sandbox

When you test your app in the sandbox environment, you can generate and use API tokens instead of access and refresh tokens that you need in the production environment. You can use the API token to test Clover REST APIs from the command line.

Prerequisites

When you make server-side requests to Clover REST APIs, you need the following:

• Authorization header with a type of Bearer token, where you need to enter your auth_token.
• Merchant identifier or merchantId that displays in the browser link (URL) of the Merchant Dashboard for your test merchant.

With this information, you can send the following request from your app server to the Clover server.

https://apisandbox.dev.clover.com/v3/merchants/{mId}

See Use test merchant identifier and API token for more information.

📘

NOTE

You need to use expiring access and refresh tokens in the production environment to secure merchant data. When your app is ready for testing in the production environment, use the following.

• For Web apps: Use the relevant OAuth flow based on regions to generate an auth_token.
• For Android apps: Use the Android SDK to generate an API token and query web services.