Square API
connect.squareup.com · Finance
Accept in-person and online payments, manage inventory, customers, and loyalty programs. Full sandbox with test card numbers. No monthly fee.
Authentication
Bearer Token
Free developer account at developer.squareup.com. Sandbox access token (sandbox-sq0idb-...) for testing. Pass as Authorization: Bearer YOUR_TOKEN.
Sample Requests
GET
List locations
List your Square business locations.
https://connect.squareup.com/v2/locations
Hover any highlighted part to learn what it does
Headers — extra info sent with the request
| Authorization | Bearer YOUR_SANDBOX_TOKEN |
| Square-Version | 2024-01-18 |
curl -X GET "https://connect.squareup.com/v2/locations" \ -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ -H "Square-Version: 2024-01-18"
import requests
headers = {
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Square-Version": "2024-01-18"
}
response = requests.get(
"https://connect.squareup.com/v2/locations",
headers=headers,
)
print(response.json())const url = 'https://connect.squareup.com/v2/locations';
const response = await fetch(url, {
headers: {
'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
'Square-Version': '2024-01-18'
},
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://connect.squareup.com/v2/locations"
req, _ := http.NewRequest("GET", targetURL, nil)
req.Header.Set("Authorization", "Bearer YOUR_ACCESS_TOKEN")
req.Header.Set("Square-Version", "2024-01-18")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://connect.squareup.com/v2/locations")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
req["Authorization"] = "Bearer YOUR_ACCESS_TOKEN"
req["Square-Version"] = "2024-01-18"
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://connect.squareup.com/v2/locations";
$opts = ["http" => [
"method" => "GET",
"header" => implode("\r\n", [
"Authorization: Bearer YOUR_ACCESS_TOKEN",
"Square-Version: 2024-01-18"
]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));
POST
Create payment
Create a $10.00 test payment in the sandbox.
https://connect.squareup.com/v2/payments
Hover any highlighted part to learn what it does
Headers — extra info sent with the request
| Content-Type | application/json |
| Authorization | Bearer YOUR_SANDBOX_TOKEN |
| Square-Version | 2024-01-18 |
Request Body — data you're sending
{
"source_id": "cnon:card-nonce-ok",
"amount_money": {
"amount": 1000,
"currency": "USD"
},
"idempotency_key": "unique-key-123"
}
curl -X POST "https://connect.squareup.com/v2/payments" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Square-Version: 2024-01-18" \
-H "Content-Type: application/json" \
-d '{"source_id":"cnon:card-nonce-ok","amount_money":{"amount":1000,"currency":"USD"},"idempotency_key":"unique-key-123"}'import requests
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Square-Version": "2024-01-18"
}
data = {
"source_id": "cnon:card-nonce-ok",
"amount_money": {
"amount": 1000,
"currency": "USD"
},
"idempotency_key": "unique-key-123"
}
response = requests.post(
"https://connect.squareup.com/v2/payments",
headers=headers,
json=data,
)
print(response.json())const url = 'https://connect.squareup.com/v2/payments';
const response = await fetch(url, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
'Square-Version': '2024-01-18'
},
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
"source_id": "cnon:card-nonce-ok",
"amount_money": {
"amount": 1000,
"currency": "USD"
},
"idempotency_key": "unique-key-123"
}),
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"bytes"
"encoding/json"
)
func main() {
targetURL := "https://connect.squareup.com/v2/payments"
jsonData, _ := json.Marshal({"source_id":"cnon:card-nonce-ok","amount_money":{"amount":1000,"currency":"USD"},"idempotency_key":"unique-key-123"})
req, _ := http.NewRequest("POST", targetURL, bytes.NewBuffer(jsonData))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer YOUR_ACCESS_TOKEN")
req.Header.Set("Square-Version", "2024-01-18")
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://connect.squareup.com/v2/payments")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Post.new(uri)
req["Content-Type"] = "application/json"
req["Authorization"] = "Bearer YOUR_ACCESS_TOKEN"
req["Square-Version"] = "2024-01-18"
req["Content-Type"] = "application/json"
req.body = "{\"source_id\":\"cnon:card-nonce-ok\",\"amount_money\":{\"amount\":1000,\"currency\":\"USD\"},\"idempotency_key\":\"unique-key-123\"}"
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://connect.squareup.com/v2/payments";
$opts = ["http" => [
"method" => "POST",
"header" => implode("\r\n", [
"Content-Type: application/json",
"Authorization: Bearer YOUR_ACCESS_TOKEN",
"Square-Version: 2024-01-18",
"Content-Type: application/json"
]),
"content" => json_encode({"source_id":"cnon:card-nonce-ok","amount_money":{"amount":1000,"currency":"USD"},"idempotency_key":"unique-key-123"}),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- Create a free developer account at developer.squareup.com
- Get your sandbox access token from the developer dashboard
- Always add Square-Version: YYYY-MM-DD header
- Sandbox: use connect.squareup.com with sandbox-sq0idb-... token
- Test nonces: cnon:card-nonce-ok (success), cnon:card-nonce-declined (decline)