While Lightspeed integration we encounter a few problems, Here I’m sharing my integration experience with Lightspeed and possible solution. Hope this will help you guys and save a couple of hours.

Problems while integrating Lightspeed API for Order management or reporting.

1.      Getting access of Client ID and Secret Key.  This is the first step for rest of the series

            Sometimes it takes one or two weeks to deliver the keys so my suggestion is to get in contact with the support team

i.e. restaurant.support@lightspeedhq.com

2.      How do we get the Code Challenge and Code Verifier pair and how to use these values in which APIs
3.      Creation of Authentication Request URL with the provided keys.
4.      Where to hit the Generated Authentication URL.
5.      Which login details will be used for login so you can allow the API.
6.      From where you will get the code which will be used while generating the authToken.

 

Integrate with the Lightspeed Restaurant platform

Type: L Series

https://developers.lightspeedhq.com/resto-api/introduction/gettingstarted/

1.  Getting Started

    Lightspeed Restaurant offers a REST API in order to communicate with the data in the system.

2.  Accessing the API

    Access to the Lightspeed Restaurant API is limited to Partners and pre-selected developers only.

3.  Developing for the API

    After receiving approval to access the API, the API Support Team will create a developer account on the Restaurant staging environment. All development and testing must take place on the staging servers.

4.  URLs

Staging Base URL: https://test.lightspeedapis.com/resto/

Production Base URL: https://lightspeedapis.com/resto/

5.  Authorization

Lightspeed supports the OAuth2 Authorization Code grant flow.

Lightspeed supports OAuth2 for partner integrations to gain access to an account.

6.  Getting the client ID and client secret from Lightspeed. Please request Lightspeed to share the client ID and client secret which will be used at every step.

7.  Generate Code Challenge and Code Verifier pair which will be used in two different places.

Use the following online tool to generate a code challenge from a code verifier: https://tonyxu-io.github.io/pkce-generator/

8.  Authorization Request

             Authorization URL (staging): https://test.lightspeedapis.com/resto/oauth2/v1/authorize

             Authorization URL (production): https://lightspeedapis.com/resto/oauth2/v1/authorize

    At this place, we need code challenge in combination with other query strings.

    The Complete URL will look like below:

    Method: GET

    URL: https://test.lightspeedapis.com/resto/oauth2/v1/authorize

        ?response_type=code

        &client_id=<Consumer Client ID>

        &code_challenge=iK6jWzh91fWq3-OD8le8HOgV3CdMqFp5HnxnCEPA4bQ

        &code_challenge_method=S256

    e.g:

https://test.lightspeedapis.com/resto/oauth2/v1/authorize

        ?response_type=code

        &client_id=dNUipzr6hZSGaf

        &code_challenge=iK6jWzh91fWq3-OD8le8HOgVnCEPA4bQ

        &code_challenge_method=S256

9.  When you hit the above URL in the browser it will redirect you to the login page of Lightspeed.

    Enter your admin login details over there, post login it will ask you to allow the current URL.

    Click on the Allow button, it will redirect you to your predefined redirect URL.

    One thing which is most important from the last URL is to get the Code.

    So copy the code and hit the next API which is Token Request API because in 30 seconds the code will be expired.

10. Token Request: This step will be your last step to access the token.  

    Token URL (staging): https://test.lightspeedapis.com/resto/oauth2/v1/token

    Token URL (production): https://lightspeedapis.com/resto/oauth2/v1/token

    Once you have a code, you can then send a request to the /token endpoint with the received code and the OAuth client credentials to retrieve an access token and refresh token.

    Method: POST

    URL:    https://test.lightspeedapis.com/resto/oauth2/v1/token

            Authorization: Basic <Base 64 encoded Consumer Client ID:Consumer Client Secret>

            Content-Type: application/x-www-form-urlencoded

            grant_type=authorization_code

            redirect_uri=<Consumer Redirect URI>

            code_verifier=<Code Verifier, in plain text>

            code=aBcDeFG12

11. Refresh Token

        Token URL (staging): https://test.lightspeedapis.com/resto/oauth2/v1/token\

        Token URL (production): https://lightspeedapis.com/resto/oauth2/v1/token

        Once the access token expires, you will need to use the refresh token to get a new access token.

        Refresh tokens do not expire and can only be used once

        Method: POST

        URL:    https://test.lightspeedapis.com/resto/oauth2/v1/token

                Content-Type: application/x-www-form-urlencoded

                Authorization: Basic <Base 64 encoded Consumer Client ID:Consumer Client Secret>

                grant_type=refresh_token

                refresh_token=Sy19AqfojTyXqES9sSQQrRzM5GzQuTsX

Leave a Reply