There is an API call to find the subscription details etc, but what if I want to check all the subscriptions that a user has purchased? There's no API for that?
There is not. One of your users could have activated subscriptions with different payer accounts -- or a payer account could have been used to activate multiple users. It's not a 1:1 relationship (unless you were to enforce it) so you need to track this information in your own database.
Related
In our app user is paying for one year of use during checkout and then after a year we are staring to charge subscription.
Let's say that users are identified by email. So, how can I verify that user have now an active subscription ?
I have seen a few posts that suggest to build webhook and listen to PayPal events.
In our flow the initial purchase will be on WordPress website with one of the subscriptions Plugins and then I need to "activate" subscription in the App.
Is the "webhook" the only possible option with PayPal?
I have seen something in Braintree SDK related to subscription, can this work?
Seems to me too complicated to build the whole system only to verify subscription. In Stripe, for example, you can proactively ask if the user has subscription.
The webhook PAYMENT.SALE.COMPLETED informs of every completed subscription payment. Use this information to continuously update your records of whether a user has a paid-for subscription.
If you need metadata for reconciliation of which subscription corresponds to which user (since however they are identified at PayPal may not correspond to however you identify them), you can set the parameter custom_id when creating the subscription, to any value of up to 127 characters.
If you need to download a transaction history of previous payments, you can get a report in CSV format from the https://www.paypal.com account interface, typically under Activity -> All Reports -> Activity Download. This can then be imported to a database to backfill any gap in your records that you don't have webhook events for.
I understand how to register webhooks for all kinds of events within my OWN PayPal account. I need something different: I want my users to authorize me to register a webhook for specific events in THEIR accounts.
The short story is that I want to place a service in the middle between participating users and merchants. So I imagine this could go one of two ways:
USER authorizes me to register webhooks for authorization events on his PayPal acct (typically PayPal Personal). I read the payload to identify transactions related to participating MERCHANTs.
MERCHANT authorizes me to register webhooks for authorization events on his PayPal acct (typically PayPal Pro/Business). I read the payload to identify transactions related to participating USERs.
Thanks in advance for your thoughts!
Do it for the merchant accounts (2).
You'll need them to onboard and provide a REST clientid + secret so you can use those credentials to create transactions for them and register for the webhooks you want.
Using API or customer permission, Is it possible to get payment from customer account any time ?
Actually I have one cloth store,
When my custom make payment first time while purchasing something using paypal wallet/account, i will have set of permission from his paypal account,
Using that i need a functionality when that person buy second time, there account will be auto debited, using their saved paypal token
Is Paypal provide this type of any services or API ?
If yes then tell me some more details i.e. how it works and what is require for that i.e token, API key or any other.
You can refer to the link below for the details to see if this payment method meet your requirement.
https://developer.paypal.com/docs/integration/direct/billing-plans-and-agreements/?mark=billing%20agreement
A listener on my website 'listens' for successful purchases made via Paypal. Data retrieved by the listener includes a post variable that I can set before initiating the purchase. This is possible with Paypal's IPN(Instant Payment Notification). I am trying to get the IPN to recognize the users account on my website upon purchase. Every account on my website has a unique user ID number.
I have tried passing the accounts unique ID through Paypal's "Custom" variable so the IPN can listen for that. Though I think this is a bad idea because then people can purchase things for another account if they passed their unique ID. Though this is a guaranteed purchase handler, hackers can take advantage of this with social engineering.
I see that some people instead pass the session_id with php, but this isn't safe because the listener would have no way of recognizing the user's website account if the session_id were to disappear. I also see that people will pass a cookie tied to the user's unique account. I don't think this is a good idea because the cookie could be cleared.
It is to my impression that I can not send a refund or cancel a purchase if the user's account could not be identified(Without doing it manually). What checkout flow should I do?
I would create a local invoice record in your system, and this invoice would get a customer ID associated with it.
Then you can use the INVOICE parameter to pass the invoice ID to PayPal, and that would come back in IPN where you can then lookup the customer ID based on that invoice ID.
I am working on a website in which a facility pays us for membership. Their membership payment is the only money we receive. This payment is done via Paypal Website Payments Pro using the DoDirectPayment API.
These members then rent out their facility to customers by listing available blocks of time on our website. The customer would pay for this time block via credit card, also via DoDirectPayment, but this time the payment goes directly to the member's Paypal account.
I have found a lack of clear direction on what needs to be done to enable this. I know I could require all members to have a Paypal Payments Pro account ($30 per month) and store their API credentials (including passwords and signatures) in our system and those payments could be handled directly. But I am vaguely aware of the Third-Party app authorization option... I just can't find info on how it should be set up.
Is it possible to only store the member's Paypal email address and just ask them to authorize our app in their profile?
Also, I saw someone suggest the thrid-party payment recipient wouldn't even need a Pro account. If that is the case, what do I need to change about the API call (I'm using the NVP method) so that our Pro account is leveraged but payment is given to the member?
First, your members will need their own Pro account. The only way to try and get around that would be to have all of the funds come into your account and then disperse them accordingly. This is frowned upon by PayPal and will result in a suspended account.
You could indeed have users enter their API credentials into your application and store them with your customer's profile so that you can include them in API calls for that particular member. You'll want to make sure to encrypt these values if you end up doing that.
The proper way to handle it (since you're a hosted solution) would be using Permissions. You would use your own API credentials, but then pass an additional parameter to flag what account you're making that call on behalf of. This is where the Permissions come into play. Your members will need to Grant API Permission for your app to make the DoDirectPayment call on their behalf.
This can be done manually from within the PayPal account under API Access, or programatically via the Permissions API.
OK, I discovered the answer. I am sharing the detail here for others looking for this very elusive information:
My account (hosted solution) must be a Pro account.
Members who will be selling to customers on my site must also have Pro accounts. I tested the same code with a regular business account and the error said "This transaction cannot be processed due to an invalid merchant configuration."
Members do not have to give me all their API credentials.
The DoDirectPayment call is the same as if I were doing my own payment (almost). I use my own username, password, and signature. The way to send the money to another account is to include one more parameter called SUBJECT which should be the email address associated with the member's Paypal account (not their API username).
The member must grant my (third-party app) account permission. In my case I only needed the one Paypal labels "Process your customers credit or debit card payments." which should correspond to DIRECT_PAYMENT in API terminology.
Andrew's answer gave me some additional keywords to use in searches, and I appreciate the tip off to the Permission API. It did not directly answer the question, but that will be a nice feature to add to my app instead of making users go through their Paypal profile's to grant permission.