Access using https redirect-url is denied at Square Connect Authorize

Question

I am using Square Connect and have a trouble using OAuth API. (Square Connect OAuth API)

When I set a https redirect-url at the apps page, the endpoint gives me an error response without showing a sign-in page. If I send the same request setting localhost (http), it works fine. Why do I get access-denied? Is there any extra things I need to do for https redirect-url?

1. Details for https redirect-url (Failed)
   SSL is self-signed certificate, redirect url is https://{MY_SERVER}/callback, and iptables is stopped.

   • Request
     https://squareup.com/oauth2/authorize?client_id={MY_APPLICATION_ID}&response_type=code&session=false&state=test
   • Callback
     https://{MY_SERVER}/callback?state=test&error=access_denied&error_description=Authorization+not+allowed&response_type=code

2. Details for http redirect-url (Success)
   Redirect url is http://localhost/callback.

   • Request
     https://squareup.com/oauth2/authorize?client_id={MY_APPLICATION_ID}&response_type=code&session=false&state=test
   • Callback
     http://localhost/callback?state=test&code={MY_CODE}&response_type=code

Any help would be greatly appreciated!

Answer 1

I am one of the developers of Square Connect.

By default the OAuth flow is disabled for applications which is why you are seeing the "Authorization not allowed" failure. If you wish to enable OAuth flow for your application then you need to contact Square.