I am currently working on a project that needs to include some functionality to allow me to set an amount and a recipient for a PayPal payment, and then display a button to a user who can then complete the payment. I will also need to confirm that the payment was successful.
I am building it as an MVC application using the ASP.net framework.
Since you want to be able to confirm the payment is successful, you need a server-side integration. Here is a demo pattern of the UI: https://developer.paypal.com/demo/checkout/#/pattern/server
Note that it does fetch() XHR calls to two server endpoint of yours, which will need to implement v2/orders API calls to initially set up the payment, and then later capture it --- which provides confirmation of success/failure. More information on the server-side portion can be found here: https://developer.paypal.com/docs/checkout/reference/server-integration/ ; there is a .NET v2 Checkout SDK available.
Normally you need the ClientID and Secret of each receiver's REST APP (this is preferred, since PayPal account emails can change) -- but alternatively, you can use your own REST APP and specify the receiver's PayPal email address in the payee field:
purchase_units: [{
payee: {
email_address: 'replacewithrealemail#somewhere.com'
},
amount: {
value: '1.00'
}
}]
Related
I am integrating PayPal Payments blind, this means I have no means to test, I've researched this more than a lot of times, and I can't seem to find any information about this.
When my client successfully pays me (integrated using REST API), and they are returned to the specified return URL, what are the exact parameters returned, primarily, what are the parameter keys for the Payment ID and the Payer ID.
Thank you for your assistance.
I am integrating PayPal Payments blind, this means I have no means to test
This doesn't make any sense; you should fully test your integration as you develop it, using the PayPal sandbox environment.
Redirecting away from your site is an old way to integrate PayPal, used by old websites. Current integrations do not use any redirects. At all.
Follow the Set up standard payments guide and make 2 routes on your server, one for 'Create Order' and one for 'Capture Order', documented here. Both routes should return only JSON data (no HTML or text). Inside the 2nd route, when the capture API is successful you should store its resulting payment details in your database (particularly purchase_units[0].payments.captures[0].id, which is the PayPal transaction ID) and perform any necessary business logic (such as sending confirmation emails or reserving product) immediately before forwarding your return JSON to the frontend caller.
Pair those 2 routes with the frontend approval flow: https://developer.paypal.com/demo/checkout/#/pattern/server
I'm trying to implement the new PayPal Orders API, here is what I did:
Create a developer account, add an app name and then I have Client Id and Secret.
Use OrderCreateRequest to create an Order
Get approvel_url from the resposne->result->links
Redirect to this approvel_url and finish the payment
Paypal will redirect back to my website.
But I never got any thing from the PayPal testing account,Please, what did I miss?
Edit:
On No.4, when redirects to the PayPal page, somehow it only shows 'Continue' button on the page, not the 'make payment' button.
You are missing:
Display an order review page to the payer.
Capture the order with an API call, which (if successful) will return the transaction ID in the purchase_units[0].payments.captures[0] object.
On success, display a thank you/confirmation page.
Without the final capture API call, there is no PayPal transaction.
You are also still using an old integration method based on redirects, which is for old websites. Current PayPal Checkout integrations use no redirects. At all.
Instead of redirecting, make two routes on your server, one for 'Create Order' and one for 'Capture Order', documented here. These routes should return only JSON data (no HTML or text). When a capture response is successful, store its resulting payment details in your database (particularly purchase_units[0].payments.captures[0].id, the PayPal transaction ID) and perform any necessary business logic (such as sending confirmation emails or reserving product) right before sending your return JSON.
Pair those two routes with the following approval flow: https://developer.paypal.com/demo/checkout/#/pattern/server
I'm integrating my application with PayPal and i found a problem.
I use PayPal REST API with intent: "CAPTURE".
After I create an order in paypal via /v2/checkout/orders POST endpoint and client pay for this order in https://www.sandbox.paypal.com/checkoutnow?token={TOKEN} website I don't receive any money or transaction on my PayPal business account.
When I check this order status it says that it is APPROVED but not COMPLETED, so i need to capture this order via v2/checkout/orders/{TOKEN}/capture POST endpoint. After capturing this order is has status: COMPLETED and i receive money.
Is It possible to automatically capture an order without any additional request to capture it?
Because when I use PayPal button It works automatically and I want to have the same result using REST API.
No, it's not possible. The capture step is required.
Whether you use a client-side integration: https://developer.paypal.com/demo/checkout/#/pattern/client
Or a front-end UI that calls server-side routes of yours: https://developer.paypal.com/demo/checkout/#/pattern/server
The capture step after approval (within onApprove) is always required.
I was looking the PayPal interactive integration demo link.
At some point after the user complete the payment flow, the client reach the code:
// onAuthorize() is called when the buyer approves the payment
onAuthorize: function(data, actions) {
// Make a call to the REST api to execute the payment
return actions.payment.execute().then(function() {
window.alert('Payment Complete!');
});
}
In a real scenario, instead of an alert, I would probably like to send the server a instruction to ship a product or update the user plan. And it would probably be done via an HTTP POST request.
How can the server know that indeed a payment was made and it was not a result of an hacker sending an http post request manually?
After actions.payment.execute() you can call your server and have it make a GET call to verify the payment has been completed: https://developer.paypal.com/docs/integration/direct/express-checkout/integration-jsv4/advanced-payments-api/show-payment-details/
Your idea is correct, the server cannot know if the payment was really made. This client API is intended for things like donations, where no request to any servers is necessary. The client callback can then be used to display a "thank you" note or similar to the user.
For most cases (like online shops etc.) you will want to use the server API. That way, the PayPal server will send a request to your server, so you can validate that it really is a genuine payment confirmation.
1) generate a unique reference server side in your database that includes the payment details. For example:
My paypal references table
| Amount: $1.00 | Reference: ECHI5786786 |
2) Pass the payment reference in your transaction object before excuting the payment.
"transactions": [
{
"amount": {
"total": "1.99",
"currency": "USD"
},
"soft_descriptor": "ECHI5786786" //this is your unique reference
]
3) In your PayPal app configuration, on the developers site, set a webhook to your server for "payment sale completed". PayPal will call your url with the transaction details including the unique reference. Record the details in your database. For example
My paypal confirmed completed payments table
| Amount paid: $1.00 | Reference: ECHI5786786 |
4) When PayPal confirms the payment is complete client side, send a request to your server to confirm payment details
// Make a call to the REST api to execute the payment
return actions.payment.execute().then(function() {
//ajax to your server here with "soft_descriptor"
//if ajax success, then all good
});
Serverside confirmation
Confirm that the reference is in both tables and that the amount matches
Currently we are using Paypal's REST API to setup a paypal payment process on our client's website.
Our webcontrol sits inside an iframe on their website and it is from this control the the paypal process is started and processed. Currently that works ok.
The issue we have is that this requires each customer of ours to have a business account (which is required any way we go so that bit is ok) but they then need to go the developer portal on their account and setup a an App ClientID and Secret (which is the bit we are hoping to do without to make it as simple as possible for our customers).
I have noticed solutions like wix.com offer paypal integration to their customers and only require the email address of their customer's paypal account and they handle the rest of the setup from there automatically.
I am just looking for some guidance on which product in Paypal's range should I be looking at to implement the same sort of solution setup for our customers?
Your observation is correct: the REST API service does not (currently) support placing API Calls for other users.
Alternatives:
Classic API: You can call the API in the name of a customer (who first needs to grant your API user access to his account) by passing the "SUBJECT=E-Mail Address" Variable. Usually used in conjunction with Express Checkout - see: https://developer.paypal.com/webapps/developer/docs/classic/express-checkout/ht_ec-singleItemPayment-curl-etc/
If you want to go this route, you may want to look into the permission service API under https://developer.paypal.com/docs/classic/products/permissions/ - it allows you to programmatically request the required permissions from a seller.
Adaptive Payments:
Often used by market places, we're dealing with 3 parties within Adaptive Payments:
a. API Caller --> The API caller placing the API calls and receiving all infos
b. The sender --> The person sending money to one or more recipients
c. The receiver(s) --> One or more receivers of the payment. As Adaptive Payments is pretty much using PayPals "Send Money" functionality, no further permissions need to be requested from the receivers.
See: https://developer.paypal.com/webapps/developer/docs/classic/adaptive-payments/integration-guide/APIntro/
Website Payments Standard: Just add a different e-mail address to the "business" variable and you're done.
See: https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/cart_upload/