> ## Documentation Index
> Fetch the complete documentation index at: https://veryfront.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Square

> Read payments, orders, customers, catalog, and locations from Square

## At a glance

* **Availability**: Experimental ([how to enable](/cloud/integrations)).
* **Auth**: OAuth 2.0.
* **Connection**: A user authorizes the connection in the provider's consent screen.
* **Scopes**: `MERCHANT_PROFILE_READ`, `PAYMENTS_READ`, `ORDERS_READ`, `CUSTOMERS_READ`, `ITEMS_READ`.
* **Docs**: [https://developer.squareup.com/docs/oauth-api/overview](https://developer.squareup.com/docs/oauth-api/overview)

## Credentials

Set these per environment. See [Connect an integration](/cloud/integrations).

With a managed OAuth app, Connect works without these variables; set them to use your own OAuth app instead.

| Variable               | Required | Description                                                                          |
| ---------------------- | -------- | ------------------------------------------------------------------------------------ |
| `SQUARE_CLIENT_ID`     | Yes      | Square application ID (OAuth client ID) [Docs](https://developer.squareup.com/apps). |
| `SQUARE_CLIENT_SECRET` | Yes      | Square OAuth application secret [Docs](https://developer.squareup.com/apps).         |

## Setup

1. **Create a Square application**: Go to the Developer Console at [https://developer.squareup.com/apps](https://developer.squareup.com/apps) and create an application. Use the Production tab for live data; the Sandbox tab (connect.squareupsandbox.com) provides a test seller account.
2. **Configure the redirect URL**: In the app's OAuth settings, set the Production Redirect URL to your deployment's /api/auth/square/callback URL.
3. **Copy credentials**: Copy the Application ID and OAuth Application Secret from the OAuth page into SQUARE\_CLIENT\_ID and SQUARE\_CLIENT\_SECRET in your .env.
4. **Connect and verify**: Complete the OAuth consent flow, then run List Locations to confirm access.

* This connector uses the confidential code flow; Square's token endpoint takes client\_id and client\_secret in the JSON request body
* Every request sends a Square-Version header (tools default to 2026-05-20); update the default to adopt newer API versions
* Refresh tokens from the code flow do not expire, but sellers can revoke access at any time

Provider API reference: [https://developer.squareup.com/docs](https://developer.squareup.com/docs)

## Tools

| Tool           | Access | Description                                                |
| -------------- | ------ | ---------------------------------------------------------- |
| List Payments  | Read   | List payments taken by the seller account                  |
| Get Payment    | Read   | Get details of a payment                                   |
| Search Orders  | Read   | Search orders across locations (read-only search via POST) |
| List Customers | Read   | List customer profiles                                     |
| List Locations | Read   | List the seller's business locations                       |
| List Catalog   | Read   | List catalog objects such as items and categories          |

## Example prompts

* List my Square payments from the last 7 days and summarize totals by status.
* Search my Square orders in the OPEN state across all locations.
