# 02 Auth OAuth

Focus: Uber Eats OAuth 2.0 per merchant (multi-client onboarding).

- Generate authorize URL by merchant
- Handle callback and store tokens
- Refresh token flow
- Token expiry handling policy
- Sandbox utility for app token generation (`client_credentials`)
- Domain pairing validation to prevent sandbox/production mismatch

Grant usage policy:

- `client_credentials`: Store/Menu/Order/Reporting regular operations
- `authorization_code` (`eats.pos_provisioning`): store discovery/integration activation