PayPal Preapproval key using Embedded Flow (lightbox) - paypal

is it possible to request a preapproval key using Embedded Flow instead of redirecting the user to PayPal? I've done it with payKeys but I can't find examples of how to do it for future payments.
I tried changing the url of the light box to:
a) /webapps/adaptivepayment/flow/pay?preapprovalkey=PA-XXXXX
b) /webapps/adaptivepayment/flow/preapproval?preapprovalkey=PA-XXXXX
none of them worked.

Related

When are PayPal Checkout redirect urls used

I'm trying to implement the PayPal checkout server flow described here and I'm a little bit confused about the role of the redirect urls required by the Create Payment REST API
With the PayPal checkout JavaScript components, I need to provide a onAuthorize hook in the JavaScript button initialization code like in the example on the page linked above. My understanding - and I've confirmed this in the sandbox environment - is that this callback gets called after user has successfully authorized the payment on PayPal and in this callback I'm supposed to execute the payment. This part is pretty clear and I've successfully implemented this. The confusion arises from the payload on the PayPal's Create Payment API.
This API expects a required parameter redirect_urls to be provided in the payload. Under this both return_url and cancel_url have to be provided. I understand from the documentation these URLs are where the user will be redirected after successfully authorizing the payment or if they cancel the payment.
In my tests in the sandbox environment, however, the user is never redirected to these redirect urls, as the "return" / "cancel" is handled by the callbacks provided to the button initialization. Now this leads to my question:
Despite this, is there any scenario where the user is redirected to these urls? What should happen if the user is redirected to these urls?
My concern is do I need to duplicate the on authorized / cancelled logic both in the JavaScript code and then upon entering the provided return urls?
The return and cancel url were important in cases where the PayPal experience is not in context (light box ) or if you want to take them to a completely different page once they approve the payment using continue or pay now or if you are using this in a mobile app where the checkout.js won’t work
With the checkout JS integration you don’t really need to pass the url as the experience is in context if that’s what you were trying to ask.

Paypal Authorization standard and capture through REST API

I've been asking myself if there is a possibility to use the standard payment page of paypal to redirect user to "Authorize" a payment using their Credit card (using "paymentaction" : "authorization" in the redirect form).
Having IPN setup i could receive the auth_id.
Then later on "Capture" an amount (equals or less) using the Paypal REST API but using the "auth_id" received through IPN ?
It seems the "authorization_id" received through Paypal REST API "Authorize" is the same length. Somehow i suppose it is the same value.
Before implementing such i wonder if anyone tried this before ?
Thank you
You can do this using the standard (Website Payments Standard) page to creat the authorization paired with the "classic" authorization API, but you cannot mix the classic and REST APIs as you described.
The REST APIs store different/additional information on PayPal's server side, so in general you cannot manipulate transactions created through classic APIs via REST APIs (and vice versa is also complicated and generally not advised).

Is using the PayPal IPN as a API trigger a good implementation?

As recommended by PayPal I am using a combination of the PayPal API and the IPN to create a 'Adaptive Payments' flow.
When my IPN listener receives a new notification from PayPal I have two options (after security checks):
1) Use the received data to make direct actions in my website (for example set a preapproval as approved)
or instead a more secure and clean way (I think):
2) Detect the transaction type variable (or other identifier) and request more details from PayPal accordingly.
For example if the 'transaction_type' is 'Adaptive Payment Preapproval' then I will use the received 'preapproval_key' to request the preapproval details using the PreapprovalDetails API call and then use the received data of that call to set the preapproval as approved.
Is this (option 2) the better way to go?
Thanks.
In general there is probably enough information in the IPN for you to act on, but IPNs are pretty confusing what with all the optional fields and the way that there is no payment_status or txn_id on subscribe events, and no subscription information on payment events, so marrying them up can be interesting. You may well find it easier to understand if you go ahead and get the relevant information from them for each IPN via their API as you suggest.

PayPal: Tracking a User Through IPN From Adaptive Payments API

I need to track user payments on my site, but there is nothing in an IPN that I have been able to link to my original payment.
Some people suggested using the "custom" field (http://stackoverflow.com/questions/11251109/paypal-button-sending-custom-variable-through-ipn), but that doesn't seem to be an option through the Adaptive Payments API.
So are there any fields I can attach to my Pay API call or my SetPaymentOptions API call that will a) be invisible to the user, and b) come back in the IPN so I can track the payment?
My only other options are to either track with the paykey (but that seems wrong since it is public and expires and a given transaction can have several paykeys), or to send the ipn notification to a tracked url such as www.example.com/payments/ipn/{transaction_id}
I'm just fairly shocked if there's no legitimate way for me to track a payment.
I think this could be of use to you:
https://www.x.com/developers/paypal/forums/mobile/how-fetch-invoice-data-using-adaptive-payments-api

Paypal custom variable solution using php

I'm trying to using paypal as payment for my site.
My site only sell a virtual currency, like "Diamond" in Online game.
So after reading i starting to use Express Checkout for Digital Goods, Is that right ? or i must other payment method ?
Then my question is when using Express Checkout for Digital Goods, how to pass custom variable ?
Let say i want to pay user_id, diamond_id, and some other variable from my database to the paypal api. It seem like paypal don't support custom variable to pass on the api call. I want after user complete the payment, then Paypal notify my server that the payment is complete by user_id and some other variable that i pass, so easy for me to know the detail.
after searching i find some solution,
First solution is to store "TOKEN"(Generated from "SetExpressCheckout" Method) and my custom variable which is belong to the TOKEN in the database, Then after payment complete paypal will notify my server the same TOKEN saved before. So i will query based on the TOKEN.
Second Solution is using get style in RETURNURL variable http://www.mysite.com/successpayment.php?user_id=13&diamond_id=88 So i will easy to grab the GET variable.
Which solution is right ? Is there any solution ? and how to secure the payment confirmation, i mean if someone know and hack my returnurl.
Thanks in advance
There are two parts to be able to successfully identify your order in the whole process:
To identify your order when the user is redirected back via the success or cancel URL, just pass the order id via the query string of the URL.
To identify your order when Paypal sends notifications about the transaction and associated events (refunds, reversals, disputes etc.) via IPN: Paypal does support a pass-through variable, which allows you to associate IPNs to the order record in your DB.
For express checkout you set PAYMENTREQUEST_0_INVNUM in the SetExpressCheckout call
In case you are creating a recurring profile, the parameter is named PROFILEREFERENCE in the CreateRecurringPaymentsProfile call
When you receive an IPN the invoice is passed as 'invoice' or 'rp_invoice_id' respectively
(My general advice, though: use Paypal only if you really have to)