square-api-reference
Use when working with Square API for payments, orders, customers, catalog, webhooks, or OAuth. Also use when setting up Square authentication, handling payment errors, or switching from the legacy Square SDK.
| Model | Source |
|---|---|
| sonnet | pack: payments |
Full Reference
ββ π§ square-api-reference βββββββββββββββββββββββ β Use when working with Square API for payments,β¦ β ββββββββββββββββββββββββββββββββββββββββββββββββββ
Square API
Section titled βSquare APIβVersion: 2026-01-22 | Production:
https://connect.squareup.com| Sandbox:https://connect.squareupsandbox.com
Quick Reference
Section titled βQuick Referenceβ| Item | Value |
|---|---|
| Current API Version | 2026-01-22 |
| Auth | Authorization: Bearer ACCESS_TOKEN (server-side only) |
| Node.js | npm install square (v40+) β requires BigInt for money fields |
| Python | pip install squareup (v42+) β Pydantic response models |
Reference Index
Section titled βReference IndexβRoute to the relevant file based on the task:
| I want to⦠| File |
|---|---|
| SDK install, versioning, environments, migration from legacy | reference/sdk-setup.md |
| Access tokens, OAuth 2.0, PKCE, scopes, client init | reference/authentication.md |
| Create/cancel/refund payments, idempotency, fees | reference/payments.md |
| Create orders, pay orders, order states | reference/orders.md |
| Customer profiles, cards on file, list/charge saved cards | reference/customers.md |
| Catalog items, variations, categories, upsert, search | reference/catalog.md |
| Webhook signature verification, event types, best practices | reference/webhooks.md |
| Error categories, HTTP codes, error handling pattern, rate limits, backoff | reference/errors-and-limits.md |
| Sandbox setup, test nonces, Web Payments SDK, local webhook testing | reference/testing.md |
| API version history, SDK rewrite migration guide | reference/changelog.md |
Usage: Read the reference file matching your current task from the index above. Each file is self-contained with code examples and inline gotchas.
Critical Gotchas
Section titled βCritical Gotchasβ| Gotcha | Detail |
|---|---|
| Node.js money fields | Require BigInt(100) β plain integers throw |
| Python responses | Pydantic models β use .attribute, not ['key'] |
| Python errors | try/except ApiError β not response.is_error() |
| Webhook body parsing | Must use raw body parser β express.raw() not express.json() |
| Signature comparison | Use hmac.compare_digest / timingSafeEqual β not == |
| Sandbox vs production | Credentials are completely separate β no cross-environment tokens |
| Legacy SDK paths | square/legacy and square_legacy deprecated β migrate now |