Braintree Extend/
OAuth/
Client-side Connect Flow

Client-side Connect Flow

Availability
OAuth is in closed beta in production, and open beta in sandbox. Contact us to express interest in the production beta release.
Important
The SSL certificates for Braintree Mobile (iOS and Android) SDKs are set to expire on March 30, 2026. This will impact existing versions of the SDK in published versions of your app. To reduce the impact, upgrade the Android SDK to version 4.45.0+ or version 5.0.0+ for the new SSL certifications. If you do not decommission your app versions that include the older SDK versions or force upgrade your app with the updated certificates by the expiration date, 100% of your customer traffic will fail.

Android OAuth sequenceAnchorIcon

While the high-level OAuth sequence on the Overview still holds true, we recommend this Android-specific client-side flow, which avoids exposing your client_secret:
  1. The merchant taps the Connect with Braintree button in your app
  2. Your app sends the merchant to Braintree for authorization using an Intent and the connect URL supplied by your server
  3. After the merchant has authorized and your server has created an access token, your server redirects the merchant to a URL that is captured by an IntentFilter in your app

Display the buttonAnchorIcon

We provide a Connect with Braintree button that allows you to send merchants to Braintree to log in and agree to your requested OAuth scopes. To display this button in your app:
  1. Download the connect-braintree-android assets.
  2. Add them to your project's res folder.
  3. Display the button in an ImageButton or similar element in your view:
  1. XML
<ImageButton
  android:layout_width="wrap_content"
  android:layout_height="wrap_content"
  android:src="@drawable/btn_bt_connect_normal"
  android:background="@android:color/transparent"
  android:id="@+id/connect"
  android:layout_marginTop="128dp" />

Send the merchant to BraintreeAnchorIcon

When a merchant taps the Connect with Braintree button, your app should send them to Braintree using an Intent and the connect URL from your server:

Capture the return URL with an intent filterAnchorIcon

After authorizing, your server should redirect your merchant back to the /merchant-connected path. To pick up this path and launch your next desired activity, add the following IntentFilter to your app's manifest.xml:
  1. XML
<activity android:name="com.my.example.app.MyActivity" 
    android:launchMode="singleTask"
    android:exported="true">
    <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data
          android:scheme="https://"
          android:host="example.com"
          android:path="/merchant-connected"
        />
    </intent-filter>
</activity>
Note
Future versions of the Android SDK will require you to verify your app's Intent Filters.