The first time a merchant authenticates through OAuth2 (Or the first time they install it through the Clover App Market), they will be required to authorize permissions that the app will have over the merchant they are logged in with.
Clover will ask you to provide a detailed explanation for each permission you request during the approval process.
Most of the information below is from the Clover API Documentation and may not fully apply to WeeConnectPay, however, it does mold the limitations of WeeConnectPay. As such, it has not been edited and simply provided here for convenience.
Ecommerce app permissions (source)
Your app must request specific permissions from merchants to access and update their data. In addition, on the Developer Dashboard, you must specify the Ecommerce integration type you are using for your app.
Required app permissions
Merchants using your app grant your app permissions during installation, and your app will use the associated OAuth token to use for all API calls on behalf of the merchant (see Using OAuth 2.0 for more information about the OAuth flow). Your app should only request the minimum permissions required for your app to function.
PAKMS service endpoint
Operation | Required permission |
Get public key | Online payments |
Tokenization service endpoint
Operation | Required permissions |
Create token | None |
π§ IMPORTANT
To create a token using POST /v1/tokens, you need a public key retrieved from the PAKMS service.
Ecommerce service endpoints
Charge endpoints
Operation | Required permissions |
Create a charge | Online payments |
Capture an open charge | Read payments |
Get charges | Read payments |
Get a single charge | Read payments |
Customer endpoints
Operation | Required permissions |
Create a card-on-file customer | Read customers |
Add a card to an existing customer | Read customers |
Remove a card from an existing customer | Read customers |
Order endpoints
Operation | Required permissions | Additional permissions |
Create an order | Read merchant | To add a customer: To add |
Get orders | Read orders |
|
Get an order | Read customers |
|
Pay for an order | Read customers |
|
Return an order | Read customers |
|
π NOTE
Getting an order with GET /v1/orders/{orderId} expands the following fields:
lineItemslineItems.taxRatespaymentsrefundscustomers
Refund endpoints
Operation | Required permissions |
Get refunds | Read payments |
Get a refund | Read payments |
Refund a charge | Read customers |
Recurring Payments service endpoints
Plan endpoints
Operation | Required permissions |
Create plan | Read merchant |
Get a plan | Read merchant |
Edit a plan | Read merchant |
Deactivate a plan | Read merchant |
Subscription endpoints
Operation | Required permissions |
Create a subscription | Read customers |
Get a subscription | Read merchant |
Edit a subscription | Read customers |
Cancel a subscription | Read customers |
Set app permissions and integration type
Log in to your sandbox Developer Dashboard.
From the left navigation menu, click Your Apps > App name > App Settings. The App name - App Settings page allows you to view and configure settings and permissions that your app requires for accessing Clover merchant data.
Click Requested Permissions. The Edit Requested Permission page appears.
Select your app's read or write permissions for Ecommerce API, as required. For any selected permission, provide in-line comment about how your app is using this information.
Click Save. Your selected permissions display on the App Settings page.
Click Ecommerce Settings. The Edit Ecommerce Settings page appears.
Select your integration type. See
Integration types for more information.Click Save. Your selected integration type displays on the App Settings page.