Getting started with Mollie Connect¶
With Mollie Connect you can connect multiple Mollie accounts together. See the overview for more information.
Most of the functionality of Mollie Connect leverages the open standard OAuth. This guide will explain how you can register your OAuth app, and how to connect your users to it.
Understanding the OAuth authorization flow¶
To support OAuth with your app, you will have to implement the common OAuth authorization flow. The flow starts with a Connect with Mollie button, and, if all went well, at the end of it you will have received an access token. With this token your app will be able to communicate with the Mollie API on behalf of the user.
The authorization flow looks roughly as follows.
Building an OAuth compatible app¶
Next, you will have to build an app that supports the authorization flow detailed above. For many programming languages there are open source packages available with detailed instructions to help you implement the flow.
Some examples:
- Simple OAuth2 for Node.js
- The PHP League’s OAuth 2.0 Client for PHP
- Authlib for Python, with support for common web frameworks like Flask and Django
If your application is built with PHP, you can integrate it using the official mollie/oauth2-mollie-php package. The official Python client even supports OAuth out of the box.
Once you have an OAuth compatible app running, let’s register your app at Mollie next.
Registering your app¶
You can register the app in your Dashboard. You will receive a Client ID and Client Secret, both of which should be kept secret. These credentials can be used to:
- Redirect users to your app’s authorization form (Client ID)
- Exchange auth codes for access tokens (Client ID & Client Secret)
- Renew your access tokens
- Deauthorize users from your app (Client ID & Client Secret)
Configuring your OAuth app¶
Use the details below to configure your app to work with our platform.
- Client ID: received upon app registration
- Client Secret: received upon app registration
- Redirect URL: a URL within your app that processes authorizations
- Authorization URL:
https://my.mollie.com/oauth2/authorize, see the Authorize endpoint - Access token URL:
https://api.mollie.com/oauth2/tokens, see the Tokens endpoint - Resource owner URL:
https://api.mollie.com/v2/organizations/me, see Get organization
Getting a merchant’s consent¶
After having implemented OAuth and having registered your app at Mollie, you can send your user to Mollie through the default authorization URL as configured in your app. Good practice is to show a Connect with Mollie button which redirects the merchant to the authorization screen (i.e. the Authorize endpoint).
When you send a merchant to the authorization screen, Mollie will tell the merchant what data your app has requested access to, and request the merchant to confirm the authorization. An example authorization is shown below.
See OAuth: Permissions for a full list of available permissions you can request from your user.
Working with access tokens¶
The merchant will be redirected back to your app, along with an auth code. With the auth code, you can retrieve an access token using default OAuth library functionality.
Note access tokens are time limited — you need to refresh them periodically using the refresh token. The time limits are listed below.
| Auth code | 30 seconds |
| Access token | 1 hour |
| Refresh token | Does not expire automatically |
Once you have the access token, use the Get current organization to see which organization authenticated to your app. This endpoint also allows you to retrieve the merchant’s preferred locale. It is recommended to switch your app’s locale to the merchant’s locale after the OAuth flow.
Using the access token on the Mollie API, your app may now access the merchant’s account data, allowing the merchant to start using your app.
The Connect with Mollie button¶
To keep the user experience consistent, we recommend using one of the buttons below in your authorization flow.
The download includes a Sketch file and retina PNGs.