REST Pay Display FAQs

General questions

Why do I need OAuth 2.0 as part of my integration?

Clover uses the Open Authorization (OAuth) 2.0 security framework. When a merchant selects and installs your app, Clover uses OAuth 2.0 to first secure the communication between your app and the merchant, and then give your app the necessary access to merchant data.

When an authorized merchant logs in to their Clover merchant account, the Clover server redirects the merchant to your app. The Access Token returned to you in the OAuth session is the Authorization key for the REST Pay Display API.

Note: If your app does not require a server, see OAuth Facilitator Service.

Why do I need to create a Web App in Clover to use REST Pay Display?

A web app (REST client) in Clover that represents your point-of-sale (POS) integration is needed to complete the OAuth flow. The configuration of this web app includes:
a) Permissions from the merchant so that you can access their merchant account and data,and
b) Site link (URL) endpoint on your server, to which the OAuth flow redirects you, along with the appended access token.
When your app is pushed to the merchant, the merchant logs in with their Clover credentials,, and needs to grant permissions for your app. If the merchant grants the permission, then they are redirected to your site URL.

What permissions does my Clover web app (REST Client) need from the merchant?

Merchant Read is the minimum required permission.

  • If your integration only consists of REST Pay Display, then you do not need to submit a privacy policy upon Clover App Approval.
  • If your integration uses the Ecommerce API, then Ecommerce API and Payments Read/Write permissions are required and you need to submit a privacy policy.

What apps need to be installed for my merchant?

The merchant needs to install one of the following:

  • Cloud Pay Display—If you are using a Cloud Connection
  • REST Pay Display—If you are using a Local Connection
  • Regardless of the connection, you also need to push your private web app to the merchant so they can authenticate through OAuth.

In what regions is REST Pay Display currently supported?

REST Pay Display is currently supported in the US and Canada.

Are requests to REST Pay Display API rate limited?

No, due to the synchronous nature of REST Pay Display API, and how device activity is managed, Clover does not limit the rate of this API.

What if I use a proxy server to make calls to REST Pay Display using the local connection?

For your app to connect to the device, you need to ensure that the Clover Production Certificate is properly installed on your proxy server.

Payments questions

Are gift cards supported?

Yes, you can redeem physical Clover gift cards, as well as cobranded network gift cards.
If you have to support a closed-loop gift card system, Clover needs to approve your use of the read card data endpoint for a bank identification number (BIN) range that is whitelisted on Clover.

Is PIN debit supported?


Is surcharge supported?

Yes, see the guide on understanding surcharges.

Is cashback supported?


Is Electronic Benefits Transfer (EBT) supported?

Yes, you can set up your apps to accept EBT transactions with the following configurations:

  • Merchant needs to have the EBT entitlement both in Sandbox and Production. A DevRel support member can configure this in Sandbox, if needed.
  • Use the EBT test card number: 5076 5800 0011 1112
    Note: Clover does not provide physical EBT test cards, but you can manually enter the EBT test card number to trigger "cardType":"EBT" in the payment response for an EBT transaction.

Is cashback supported for EBT cards?

There are two scenarios but cashback is not supported in both:

  • EBT Cash account holders may get cashback with a purchase and withdraw cash; however, these operations are not currently supported by Clover.
  • EBT Food (also called SNAP) does not support cashback.

Paypal™ or Venmo QR codes supported?

Yes, Paypal/Venmo can be enabled for merchants through standard Fiserv-Clover boarding tools and procedures. These upstream systems communicate with Clover to have Paypal/Venmo enabled for payments on Clover. When the tender becomes enabled for merchants, the QR Code is automatically displayed on the screen as customers are prompted for their payment method.

How do I handle Online Refund Authorizations?

When issuing a refund, most card brands now require online authorization of the card, which makes it subject to decline. Currently, this is supported for DiscoverⓇ, InteracⓇ MastercardⓇ, and VisaⓇ cards.
Online refund authorization applies to both refunding an existing payment for a partial or full amount, and issuing a credit to a customer.

Can I tokenize a customer's card on REST Pay Display and use it on Clover Ecommerce API?

Yes, see Interoperability with Ecommerce API for more information. The same application that handles REST Pay Display’s OAuth flow should be used for payment processing through the Ecommerce API.

Is Incremental Auth supported?

Yes, incremental authorizations are only available for:

  • DiscoverⓇ, MastercardⓇ, and VisaⓇ cards, and
  • Merchant types—aircraft rentals, amusement parks, bicycle rentals, boat rentals, car rentals, cruise lines, drinking places, eating places, equipment rentals, lodgings, motor home rentals, motorcycle rentals, trailer parks/campgrounds, and truck rentals. The merchant's MCC (merchant category code) must be under one of the preauth categories.