Getting started with Mollie Connect

With Mollie Connect, you can connect multiple Mollie accounts together. See the overview for more information.

Most of the functionality of Mollie Connect leverages the open standard OAuth. This guide will explain how you can register your OAuth app and how to connect your users to it.

Understanding the OAuth authorization flow

To support OAuth with your app, you must implement the common OAuth authorization flow. The flow starts with a Connect with Mollie button, and if all goes well, at the end of it you will have received an access token. With this token, your app will be able to communicate with the Mollie API on behalf of the user.

The authorization flow looks roughly as follows.

Building an OAuth-compatible app

Next, you will have to build an app that supports the authorization flow detailed above. For many programming languages there are open source packages available with detailed instructions to help you implement the flow.

Some examples:

If your application is built with PHP, you can integrate it using the official mollie/oauth2-mollie-php package. The official Python client even supports OAuth out of the box.

Once you have an OAuth compatible app running, let’s register your app at Mollie next.

Registering your app

Use the details below to configure your app to work with our platform.

  • Client ID: received upon app registration
  • Client Secret: received upon app registration
  • Redirect URL: a URL within your app that processes authorizations
  • Authorization URL: https://my.mollie.com/oauth2/authorize, see the Authorize endpoint
  • Access token URL: https://api.mollie.com/oauth2/tokens, see the Tokens endpoint
  • Resource owner URL: https://api.mollie.com/v2/organizations/me, see Get organization

Getting a merchant’s consent

After having implemented OAuth and having registered your app at Mollie, you can send your user to Mollie through the default authorization URL as configured in your app. Good practice is to show a Connect with Mollie button, which redirects the merchant to the authorization screen (i.e., the Authorize endpoint).

When you send a merchant to the authorization screen, Mollie will tell the merchant what data your app has requested access to and request the merchant to confirm the authorization. An example authorization is shown below.

See OAuth: Permissions for a complete list of available permissions you can request from your user.

Working with access tokens

The merchant will be redirected back to your app, along with an auth code. With the auth code, you can retrieve an access token using default OAuth library functionality.

Note access tokens are time-limited — you need to refresh them periodically using the refresh token. The time limits are listed below.

TokensLimit
Auth code30 seconds
Access token1 hour
Refresh tokenDoes not expire automatically

Once you have the access token, use the Get current organization to see which organization is authenticated to your app. This endpoint also allows you to retrieve the merchant’s preferred locale. It is recommended to switch your app’s locale to the merchant’s locale after the OAuth flow.

Using the access token on the Mollie API, your app may now access the merchant’s account data, allowing the merchant to start using your app.