OAuth 2.0 flow diagram

The OAuth 2.0 authorization code flow follows a specific sequence to securely authorize your application to access merchant data. This diagram shows the complete process from initial authorization request to token exchange.

Authorization flow diagram

Key flow steps

The diagram illustrates these critical phases:

1

Authorization request initiation

Your application redirects the merchant to Yoco’s authorization server with required parameters including client ID, scopes, and a state parameter for security.

3

Authorization code exchange

Your application receives an authorization code and exchanges it for access tokens, id tokens and refresh tokens using your client credentials.