Ecommerce app permissions
Your app must request specific permissions from merchants to access and update their data. In addition, on the Developer Dashboard, you must specify the Ecommerce integration type you are using for your app.
Required app permissions
Merchants using your app grant your app permissions during installation, and your app will use the associated OAuth token to use for all API calls on behalf of the merchant (see Using OAuth 2.0 for more information about the OAuth flow). Your app should only request the minimum permissions required for your app to function.
PAKMS service endpoint
Operation | Required permission |
|---|---|
Get public key | Online payments |
Tokenization service endpoint
Operation | Required permissions |
|---|---|
Create token | None |
IMPORTANT
To create a token using
POST /v1/tokens, you need a public key retrieved from the PAKMS service.
Ecommerce service endpoints
Charge endpoints
Operation | Required permissions |
|---|---|
Create a charge | Online payments |
Capture an open charge | Read payments |
Get charges | Read payments |
Get a single charge | Read payments |
Customer endpoints
Operation | Required permissions |
|---|---|
Create a card-on-file customer | Read customers |
Add a card to an existing customer | Read customers |
Remove a card from an existing customer | Read customers |
Order endpoints
Operation | Required permissions | Additional permissions |
|---|---|---|
Create an order | Read merchant | To add a customer: To add |
Get orders | Read orders | |
Get an order | Read customers | |
Pay for an order | Read customers | |
Return an order | Read customers |
NOTE
Getting an order with
GET /v1/orders/{orderId}auto-expands the following fields:
lineItemslineItems.taxRatespaymentsrefundscustomers
Refund endpoints
Operation | Required permissions |
|---|---|
Get refunds | Read payments |
Get a refund | Read payments |
Refund a charge | Read customers |
Recurring Payments service endpoints
Plan endpoints
Operation | Required permissions |
|---|---|
Create plan | Read merchant |
Get a plan | Read merchant |
Edit a plan | Read merchant |
Deactivate a plan | Read merchant |
Subscription endpoints
Operation | Required permissions |
|---|---|
Create a subscription | Read customers |
Get a subscription | Read merchant |
Edit a subscription | Read customers |
Cancel a subscription | Read customers |
Setting app permissions and integration type
To set app permissions and integration type for your app:
- On the Developer Dashboard, click App Settings on the side-nav.
- On the App Settings page, click Requested Permissions.
- On the Edit Requested Permissions modal that appears, select your app's read or write permissions for Ecommerce API as required. For any selected permission, provide in-line justification about how your app is using this information.
- Click Save. Your selected permissions appear on the App Settings page.
- On the App Settings page, click the additional Ecommerce Settings that appear.
- On the Edit Ecommerce Settings modal that appears, select your integration type. See Integration types for more information.
- Click Save. Your selected integration type appears on the App Settings page.
Updated 5 days ago