Square MCP Server – APIs and Merchant Tools

Square's official MCP server connects AI assistants to the Square REST API platform. Use it to discover Square API services and types, prepare valid requests, and execute authorized API calls for merchant workflows across customers, orders, catalog, payments, bookings, inventory, invoices, and more.

#payments#merchant-tools#commerce

Overview

Square's official MCP server implements the Model Context Protocol as a bridge
between AI assistants and the Square REST API platform. It can run as a hosted
remote server or as a local server for an AI client, giving agents structured
access to Square API discovery and request execution workflows.

What the MCP server enables

Square's MCP server exposes a streamlined tool set for exploring and using the
Square API:

get_service_info discovers available methods for a Square API service.
get_type_info returns detailed parameter and type requirements.
make_api_request executes authorized Square API calls.

Through those tools, an AI agent can work across Square's API ecosystem,
including customers, orders, catalog, checkout, payments, invoices, bookings,
inventory, locations, loyalty, disputes, gift cards, labor, devices, team
members, vendors, webhooks, and other Square services supported by the current
Square API specification.

When to use it

Use Square MCP when an AI workflow needs to understand or operate Square APIs
with live authorization. Practical examples include generating code for a
Square integration, checking the required fields for a catalog item, creating a
sandbox order, reviewing customer or inventory workflows, preparing payment or
invoice API calls, and letting a coding assistant explore Square service
capabilities from inside an IDE.

Connection and authentication

Square recommends the hosted remote server at https://mcp.squareup.com/sse.
Remote connections use OAuth login with a Square account and let the user
authorize only the scopes the application needs. This avoids manual access-token
management.

Local stdio runs with npx square-mcp-server start. Local configuration uses
ACCESS_TOKEN plus environment flags such as SANDBOX=true or
PRODUCTION=true. DISALLOW_WRITES=true can restrict the local server to
read-only operations, and SQUARE_VERSION can specify a Square API version.

Key considerations

The Square MCP server is currently documented as Beta. Square recommends
learning the server and testing prompts in a Square Sandbox environment before
using production data. Remote instances access production resources only, while
local instances can be configured for sandbox testing. Tool calls can create or
modify merchant data when writes are allowed, so require approval for payments,
orders, invoices, catalog updates, customer changes, and other production
actions. Square also maintains an allowlist for MCP clients to protect against
malicious client registration attempts.

Frequently Asked Questions

When should an AI agent use the Square MCP server?

Use it when a workflow needs authorized access to Square APIs, such as exploring API services, preparing request parameters, generating integration code, testing sandbox orders, or operating merchant workflows involving customers, orders, catalog, payments, invoices, bookings, inventory, and locations.

What does the Square MCP server add to an AI agent's capabilities?

It gives the agent structured tools for discovering Square API services and types and for executing authorized Square API requests, allowing the agent to work with current Square platform capabilities instead of relying only on static model knowledge.

What can an AI agent access or manage through Square MCP?

Depending on permissions and environment, the agent can use Square API services such as customers, orders, catalog, checkout, payments, invoices, bookings, inventory, locations, loyalty, disputes, gift cards, labor, devices, team members, vendors, and webhooks through the server's API discovery and request tools.

How is authentication configured for the Square MCP server?

The hosted remote server uses Square OAuth so the user signs in with a Square account and authorizes the required scopes. The local stdio server uses ACCESS_TOKEN and can be pointed to sandbox or production with SANDBOX=true or PRODUCTION=true. Store tokens securely and never commit them to source control.

Which transport should be used for the Square MCP server?

Use the hosted SSE endpoint at https://mcp.squareup.com/sse for production OAuth-based access, which Square recommends. Use the local stdio server with npx square-mcp-server start for sandbox testing, local development, API version pinning, or read-only mode with DISALLOW_WRITES=true.