While Lightspeed integration we encounter a few problems, Here I’m sharing my integration experience with Lightspeed and possible solution. Hope this will help you guys and save a couple of hours.

Problems while integrating Lightspeed API for Order management or reporting.

1.  Getting access of Client ID and Secret Key.  This is the first step for rest of the series

Sometimes it takes one or two weeks to deliver the keys so my suggestion is to get in contact with the support team

i.e. restaurant.support@lightspeedhq.com

2.  How do we get the Code Challenge and Code Verifier pair and how to use these values in which APIs

3.  Creation of Authentication Request URL with the provided keys.

4.  Where to hit the Generated Authentication URL.

5.  Which login details will be used for login so you can allow the API.

6.  From where you will get the code which will be used while generating the authToken.


Integrate with the Lightspeed Restaurant platform

Type: L Series


1.  Getting Started

Lightspeed Restaurant offers a REST API in order to communicate with the data in the system.

2.  Accessing the API

Access to the Lightspeed Restaurant API is limited to Partners and pre-selected developers only.

3.  Developing for the API

After receiving approval to access the API, the API Support Team will create a developer account on the Restaurant staging environment. All development and testing must take place on the staging servers.

4.  URLs

Staging Base URL: https://test.lightspeedapis.com/resto/

Production Base URL: https://lightspeedapis.com/resto/

5.  Authorization

Lightspeed supports the OAuth2 Authorization Code grant flow.

Lightspeed supports OAuth2 for partner integrations to gain access to an account.

6.  Getting the client ID and client secret from Lightspeed. Please request Lightspeed to share the client ID and client secret which will be used at every step.

7.  Generate Code Challenge and Code Verifier pair which will be used in two different places.

Use the following online tool to generate a code challenge from a code verifier: https://tonyxu-io.github.io/pkce-generator/

8.  Authorization Request

Authorization URL (staging): https://test.lightspeedapis.com/resto/oauth2/v1/authorize

Authorization URL (production): https://lightspeedapis.com/resto/oauth2/v1/authorize

At this place, we need code challenge in combination with other query strings.

The Complete URL will look like below:

Method: GET

URL: https://test.lightspeedapis.com/resto/oauth2/v1/authorize


&client_id=<Consumer Client ID>









9.  When you hit the above URL in the browser it will redirect you to the login page of Lightspeed.

Enter your admin login details over there, post login it will ask you to allow the current URL.

Click on the Allow button, it will redirect you to your predefined redirect URL.

One thing which is most important from the last URL is to get the Code.

So copy the code and hit the next API which is Token Request API because in 30 seconds the code will be expired.

10. Token Request: This step will be your last step to access the token.  

Token URL (staging): https://test.lightspeedapis.com/resto/oauth2/v1/token

Token URL (production): https://lightspeedapis.com/resto/oauth2/v1/token

Once you have a code, you can then send a request to the /token endpoint with the received code and the OAuth client credentials to retrieve an access token and refresh token.

Method: POST

URL:    https://test.lightspeedapis.com/resto/oauth2/v1/token

Authorization: Basic <Base 64 encoded Consumer Client ID:Consumer Client Secret>

Content-Type: application/x-www-form-urlencoded


redirect_uri=<Consumer Redirect URI>

code_verifier=<Code Verifier, in plain text>


11. Refresh Token

Token URL (staging): https://test.lightspeedapis.com/resto/oauth2/v1/token

Token URL (production): https://lightspeedapis.com/resto/oauth2/v1/token

Once the access token expires, you will need to use the refresh token to get a new access token.

Refresh tokens do not expire and can only be used once

Method: POST

URL:    https://test.lightspeedapis.com/resto/oauth2/v1/token

Content-Type: application/x-www-form-urlencoded

Authorization: Basic <Base 64 encoded Consumer Client ID:Consumer Client Secret>



Leave a Reply


Your Cart

    Product Price Quantity Total
Empty Cart

Your cart is empty