OAuth

Client-side Connect Flow

Availability

OAuth is in closed beta in production, and open beta in sandbox. Contact us to express interest in the production beta release.

Important
The SSL certificates for all Braintree SDKs are set to expire by June 30, 2025. This will impact existing versions of the SDK in published versions of your app. To reduce the impact, upgrade the iOS SDK to version 6.17.0+Android SDK to version 4.45.0+ or version 5.0.0+ for the new SSL certifications.

If you do not decommission your app versions that include the older SDK versions or force upgrade your app with the updated certificates by the expiration date, 100% of your customer traffic will fail.

Android OAuth sequenceAnchorIcon

While the high-level OAuth sequence on the Overview still holds true, we recommend this Android-specific client-side flow, which avoids exposing your client_secret:

  1. The merchant taps the Connect with Braintree button in your app
  2. Your app sends the merchant to Braintree for authorization using an Intent and the connect URL supplied by your server
  3. After the merchant has authorized and your server has created an access token, your server redirects the merchant to a URL that is captured by an IntentFilter in your app

Display the buttonAnchorIcon

We provide a Connect with Braintree button that allows you to send merchants to Braintree to log in and agree to your requested OAuth scopes. To display this button in your app:

  1. Download the connect-braintree-android assets.
  2. Add them to your project's res folder.
  3. Display the button in an ImageButton or similar element in your view:

  1. XML
<ImageButton
  android:layout_width="wrap_content"
  android:layout_height="wrap_content"
  android:src="@drawable/btn_bt_connect_normal"
  android:background="@android:color/transparent"
  android:id="@+id/connect"
  android:layout_marginTop="128dp" />

Send the merchant to BraintreeAnchorIcon

When a merchant taps the Connect with Braintree button, your app should send them to Braintree using an Intent and the connect URL from your server:

Send the merchant to BraintreeAnchorIcon

When a merchant taps the /merchant-connected button, your app should send them to Braintree using an IntentFilter and the connect URL from your server:manifest.xml:

  1. XML
<activity android:name="com.my.example.app.MyActivity" 
    android:launchMode="singleTask"
    android:exported="true">
    <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data
          android:scheme="https://"
          android:host="example.com"
          android:path="/merchant-connected"
        />
    </intent-filter>
</activity>
Note

Future versions of the Android SDK will require you to verify your app's Intent Filters.

If you accept cookies, we’ll use them to improve and customize your experience and enable our partners to show you personalized PayPal ads when you visit other sites. Manage cookies and learn more

If you accept cookies, we’ll use them to improve and customize your experience and enable our partners to show you personalized PayPal ads when you visit other sites. Manage cookies and learn more