Getting started with Mollie Connect
With Mollie Connect, you can connect multiple Mollie accounts together. See the overview for more information.
Most of the functionality of Mollie Connect leverages the open standard OAuth. This guide will explain how you can register your OAuth app and how to connect your users to it.
Understanding the OAuth authorization flow
To support OAuth with your app, you must implement the common OAuth authorization flow. The flow starts with a Connect with Mollie button, and if all goes well, at the end of it you will have received an access token. With this token, your app will be able to communicate with the Mollie API on behalf of the user.
The authorization flow looks roughly as follows.
Building an OAuth-compatible app
Next, you will have to build an app that supports the authorization flow detailed above. For many programming languages there are open source packages available with detailed instructions to help you implement the flow.
Some examples:
- Simple OAuth2 for Node.js
- The PHP Leagueβs OAuth 2.0 Client for PHP
- Authlib for Python, with support for common web frameworks like Flask and Django
If your application is built with PHP, you can integrate it using the official mollie/oauth2-mollie-php package. The official Python client even supports OAuth out of the box.
Once you have an OAuth compatible app running, letβs register your app at Mollie next.
Registering your app
Use the details below to configure your app to work with our platform.
- Client ID: received upon app registration
- Client Secret: received upon app registration
- Redirect URL: a URL within your app that processes authorizations
- Authorization URL:
https://my.mollie.com/oauth2/authorize, see the Authorize endpoint - Access token URL:
https://api.mollie.com/oauth2/tokens, see the Tokens endpoint - Resource owner URL:
https://api.mollie.com/v2/organizations/me, see Get organization
Getting a merchantβs consent
After having implemented OAuth and having registered your app at Mollie, you can send your user to Mollie through the default authorization URL as configured in your app. Good practice is to show a Connect with Mollie button, which redirects the merchant to the authorization screen (i.e., the Authorize endpoint).
When you send a merchant to the authorization screen, Mollie will tell the merchant what data your app has requested access to and request the merchant to confirm the authorization. An example authorization is shown below.
See OAuth: Permissions for a complete list of available permissions you can request from your user.
Working with access tokens
The merchant will be redirected back to your app, along with an auth code. With the auth code, you can retrieve an access token using default OAuth library functionality.
Note access tokens are time-limited β you need to refresh them periodically using the refresh token. The time limits are listed below.
| Tokens | Limit |
|---|---|
| Auth code | 30 seconds |
| Access token | 1 hour |
| Refresh token | Does not expire automatically |
Once you have the access token, use the Get current organization to see which organization is authenticated to your app. This endpoint also allows you to retrieve the merchantβs preferred locale. It is recommended to switch your appβs locale to the merchantβs locale after the OAuth flow.
Using the access token on the Mollie API, your app may now access the merchantβs account data, allowing the merchant to start using your app.
Updated about 2 months ago