Link a new or existing organization to your OAuth application, in effect creating a new client. The response contains a clientLink where you should redirect your customer to.
Redirecting the Customer
The clientLink URL behaves similarly to a standard OAuth authorization URL. Therefore, after receiving the clientLink URL in the API response, you need to append the following query parameters before redirecting the customer:
-
client_idstring (required)The client ID you received when you registered your OAuth app. The ID starts with
app_. For example:app_abc123qwerty. -
statestring (required)A random string generated by your app to prevent CSRF attacks. This will be reflected in the
statequery parameter when the user returns to theredirect_uriafter authorizing your app. -
scopestring (required)A space-separated list of permissions ('scopes') your app requires. See the permissions list for more information about the available scopes.
We recommend at least :
onboarding.read onboarding.write -
approval_promptstringCan be set to
forceto force showing the consent screen to the merchant, even when it is not necessary. If you force an approval prompt and the user creates a new authorization, previously active authorizations will be revoked.Possible values:
autoforce(default:auto)
Example of a Complete Redirect URL
After adding the above url parameter your URL will look something like this and you can redirect your client to this page:
https://my.mollie.com/dashboard/client-link/{id}?client_id={your_client_id}&state={unique_state}&scope=onboarding.read%20onboarding.write
Error Handling
Error handling is also dealt with similar to the Authorize endpoint: the customer is redirected back to your app's redirect URL with the error and error_description parameters added to the URL.
A client link must be used within 30 days of creation. After that period, it will expire and you will need to create a new client link.