Create credentials for a partner-hosted app

A Zettle partner-hosted app is hosted by the integrator building the app. Authorisation is done using the authorisation code grant method.

This method provides the client app with access to a merchant’s data without giving away any credentials. The merchant authorises the client app, which presents proof of authorisation to the server. A temporary authorisation code is generated from the authorisation server using app credentials. These include a client secret and client ID. The temporary code is then exchanged for an access token by the authorisation server.

With authorisation code grant, client app usage tracking is available by default.

To use the authorisation code grant method, you need to create app credentials from the Developer Portal. See the following how to do this.

Note: To build an app that will be hosted by individual merchants, see create credentials for a self-hosted app.

Prerequisites

  • An account for the Developer Portal. If you don't have this, sign up for a developer account.

  • A working and publicly available URL. It starts with https and includes a redirect URI to direct your app users back to your app, after they authorise it to access their Zettle merchant data. For example, https://awesomeapp.com. You will use it for getting credentials for a new app.

    If the URL is located at your local server, you can make the URL publicly available using ngrok.

Get new app credentials

Follow these steps to get new app credentials.

  1. Log in to the Developer Portal.

    Note: If you have just signed up with the Developer Portal, you will stay logged in and be directed to the Create app credentials page.

  2. On your Dashboard, click Create app credentials.

    Note: If you haven't created app credentials before, you will be directed to the Create app credentials page after logging in.

    The Dashboard with the Create app credentials button to the right.

  3. On the Create app credentials page, click Public API credentials to open the form for app information.

  4. Fill in the form. For the OAuth Redirect URIs field, fill it in with the URL that you have prepared.

    Example of form with app name, app URL, and company name. Optionally, you can add an OAuth Redirect URIs to redirect merchants to your app after successful login to Zettle.

  5. Click Create credentials to create the app credentials.

  6. Download the app credentials and save them somewhere safe.

    API credentials page with the Download credentials button.

    Tip: If you lose the client secret, you can request a new one.

Request a new client secret for an existing app

See the following how to get a new client secret for an existing app. The client ID of an app doesn't change.

  1. Log in to the Developer Portal.

  2. On your Dashboard, select the app for which you need a new client secret. The current client secret is hidden.

    Dashboard page with app options when getting a new client secret.

  3. On the app page, click Request new client secret to deactivate the current secret and generate a new one. The new client secret will be shown.

    The Request new client secret option to the right in the Dashboard.

  4. Download the app credentials and save them somewhere safe.

Next step

Related information