Square

​

At a glance

• Availability: Experimental (how to enable).
• Auth: OAuth 2.0.
• Connection: A user authorizes the connection in the provider’s consent screen.
• Scopes: MERCHANT_PROFILE_READ, PAYMENTS_READ, ORDERS_READ, CUSTOMERS_READ, ITEMS_READ.
• Docs: https://developer.squareup.com/docs/oauth-api/overview

​

Credentials

Set these per environment. See Connect an integration. With a managed OAuth app, Connect works without these variables; set them to use your own OAuth app instead.

​

Setup

1. Create a Square application: Go to the Developer Console at https://developer.squareup.com/apps and create an application. Use the Production tab for live data; the Sandbox tab (connect.squareupsandbox.com) provides a test seller account.
2. Configure the redirect URL: In the app’s OAuth settings, set the Production Redirect URL to your deployment’s /api/auth/square/callback URL.
3. Copy credentials: Copy the Application ID and OAuth Application Secret from the OAuth page into SQUARE_CLIENT_ID and SQUARE_CLIENT_SECRET in your .env.
4. Connect and verify: Complete the OAuth consent flow, then run List Locations to confirm access.

• This connector uses the confidential code flow; Square’s token endpoint takes client_id and client_secret in the JSON request body
• Every request sends a Square-Version header (tools default to 2026-05-20); update the default to adopt newer API versions
• Refresh tokens from the code flow do not expire, but sellers can revoke access at any time

Provider API reference: https://developer.squareup.com/docs

​

Tools

​

Example prompts

• List my Square payments from the last 7 days and summarize totals by status.
• Search my Square orders in the OPEN state across all locations.