Authorization

Overview

POS Hub uses OAuth2 for authentication and authorization. This guide provides an overview of the authorization process for applications.

For details on how to authenticate and obtain access tokens, refer to the Authentication Guide.

Code Flow

The authorization code flow is a key part of how applications are installed and authorized to access a merchant's POS Hub location. This flow allows applications to request access to a merchant's data securely.

The code flow involves the following steps:

1. Application Registration: The application is registered with POS Hub, obtaining a client ID and client secret.
2. Authorization Request: The application redirects the user to the authorization endpoint with the client ID, redirect URI, and requested scopes.
3. User Consent: If the application is not a verified first-party application, the user is prompted to grant permissions to the application.
4. Authorization Code: Upon user consent, POS Hub redirects back to the application with an authorization code.
5. Token Exchange: The application exchanges the authorization code for an access token by making a request to the token endpoint with the client ID, client secret, and authorization code.
6. Access Token: The application receives an access token, which can be used to make authorized API requests on behalf of the user.

Within the POS Hub client, these links are generated dynamically and triggered in a new window from the "Connect Application" area within the POS Hub Location, typically you will not need to manually generate these links.

The end to end authorization flow of an application can be visualized as follows: