I am moving from REST to classic API (and I'm new to both). As a developer, I want to record unique identifier of the payment to relate sales in site to Paypal payment IDs, such as in case I want to do refunds.
The REST API used to give me payment IDs in the return URL while classic API gives me transaction IDs in the response.
What is the difference? Or are they aliases to same resource? Is storing the PAYMENTINFO_0_TRANSACTIONID sufficient to lookup the payment?
Examples of both:
paymentId PAY-0CN62912EY171514DKSECBXA
PAYMENTINFO_0_TRANSACTIONID 4KY08572SD6526629
Web interface for merchant shows transaction IDs, never payment IDs:
PayPal Express Checkout Payment Received (Unique Transaction ID 4KY08572SD6526629)
Transaction ID is the identifier of PayPal transactions once it is completed, regardless of which API it comes from (Classic API, REST API, Adaptive Payment API etc). It will be issued if and only if the transaction has been completed.
In contrast, Payment ID is identifier of payment in REST API which does not necessarily indicates a completed payment. For example, let say you use REST API for PayPal payment with /v1/payments/payment endpoint:
POST /v1/payments/payment
{
"intent":"sale",
"redirect_urls":{
"return_url":"http://ashrafishak.com",
"cancel_url":"http://google.com"
},
"payer":{
"payment_method":"paypal"
},
"transactions":[
{
"amount":{
"total":"7.47",
"currency":"USD"
},
"description":"This is the payment transaction description."
}
]
}
You will receive Payment ID from the above request, but it is not completed yet since transaction ID is not issued. You need to execute the transaction using /v1/payments/payment//execute endpoint for it to be completed.
In your case, since you want to keep track of transaction for future refund, I think it is sufficient to just store Transaction ID.
***Transaction ID is the identifier of PayPal transactions once it is completed,it will be issued if and only if the transaction has been completed.
***Payment ID is identifier of payment which doesn't necessarily indicates a completed payment.
Related
I was looking the PayPal interactive integration demo link.
At some point after the user complete the payment flow, the client reach the code:
// onAuthorize() is called when the buyer approves the payment
onAuthorize: function(data, actions) {
// Make a call to the REST api to execute the payment
return actions.payment.execute().then(function() {
window.alert('Payment Complete!');
});
}
In a real scenario, instead of an alert, I would probably like to send the server a instruction to ship a product or update the user plan. And it would probably be done via an HTTP POST request.
How can the server know that indeed a payment was made and it was not a result of an hacker sending an http post request manually?
After actions.payment.execute() you can call your server and have it make a GET call to verify the payment has been completed: https://developer.paypal.com/docs/integration/direct/express-checkout/integration-jsv4/advanced-payments-api/show-payment-details/
Your idea is correct, the server cannot know if the payment was really made. This client API is intended for things like donations, where no request to any servers is necessary. The client callback can then be used to display a "thank you" note or similar to the user.
For most cases (like online shops etc.) you will want to use the server API. That way, the PayPal server will send a request to your server, so you can validate that it really is a genuine payment confirmation.
1) generate a unique reference server side in your database that includes the payment details. For example:
My paypal references table
| Amount: $1.00 | Reference: ECHI5786786 |
2) Pass the payment reference in your transaction object before excuting the payment.
"transactions": [
{
"amount": {
"total": "1.99",
"currency": "USD"
},
"soft_descriptor": "ECHI5786786" //this is your unique reference
]
3) In your PayPal app configuration, on the developers site, set a webhook to your server for "payment sale completed". PayPal will call your url with the transaction details including the unique reference. Record the details in your database. For example
My paypal confirmed completed payments table
| Amount paid: $1.00 | Reference: ECHI5786786 |
4) When PayPal confirms the payment is complete client side, send a request to your server to confirm payment details
// Make a call to the REST api to execute the payment
return actions.payment.execute().then(function() {
//ajax to your server here with "soft_descriptor"
//if ajax success, then all good
});
Serverside confirmation
Confirm that the reference is in both tables and that the amount matches
I have transactions in the LIVE area of our developer console, however, they are only payment approvals, not executed payments. I am trying to retrieve and execute payments that are listed as LIVE transactions however it appears that the payments no longer exist. When trying to access the payment, I get an INVALID_RESOURCE_ID.
However, if I use an ID that is an executed payment, I can get a valid response.
i.e. using POSTMAN and accessing a URL like:
https://api.paypal.com/v1/payments/payment/PAY-79813274XD290572UKYNLZ5A
Will retrieve the JSON response I expect.
But a non executed payment will get.
{
"name": "INVALID_RESOURCE_ID",
"message": "The requested resource ID was not found",
"information_link": "https://developer.paypal.com/webapps/developer/docs/api/#INVALID_RESOURCE_ID",
"debug_id": "2bf3983d24c5d"
}
Is there any way to execute payments on payments that only when through the approval process and not execution after the fact? And if so, what is the window?
If you receive PayPal payments, they will come back as a Preapproved payment that needs to be executed. They are executed via the API call Execute:
POST /v1/payments/payment/{Payment-Id}/execute
You can see more information here: https://developer.paypal.com/docs/api/#execute-an-approved-paypal-payment
I create a recurring payment by using paypal express checkout without call DoExpressCheckoutPayment. Do you know how can I get transaction ID after created Recurring Profile?
If you do not call DoExpressCheckoutPayment, the recurring payment profile will not be created and thus will not have a Transaction ID associated with it.
The transaction ID will be returned in the DoExpressCheckoutPayment response.
When querying the paypal sale get api I am receiving this from the sandbox. I am using a sandbox txn_id
{
"name":"INVALID_RESOURCE_ID",
"message":"The requested resource ID was not found",
"information_link":"https://developer.paypal.com/webapps/developer/docs/api/#INVALID_RESOURCE_ID",
"debug_id":"9daca12551fa8"
}
Am I using wrong Transaction id?
When receiving an IPN it is important to notice the "transaction_entity". This value will communicate what type of API call needs to get made, there are multiple types:
"auth", "sale", "capture", "refund", etc.
While this was a "sale" the transaction itself was only authorized, therefore I had to do an authorization api call. Not a Sale API call.
When I try to call RefundTransaction API method usiong PayerID i get Error "13606 Feature Not Enabled. You are not enabled for this feature.".
What it does mean? Is there a way to enable it?
To reproduce you can go to https://devtools-paypal.com/apiexplorer/PayPalAPIs and try to execute RefundTransaction method with PayerID and Amount filled in.
Direct from PayPal Support:
TransactionID and PayerID are marked "conditional", but you couldn't set blank.
For example, A buyer purchased several items in different period , but if you call RefundTransaciton API only set PayerID,
PayPal couldn't judge in which transaction to refund, and also could not refund the amount about all of these items.
PayPal is not allowed this case happen.
So at least you have to set the transaction ID while calling the refund API.
So the solution is to always specify TransactionID.
Yes, their own API Documentation says:
"Either the transaction ID or the payer ID must be specified."
But apparently this is not the case.
If you don't log subscr_payment IPN calls, you can look up TransactionID from a PayerID by using the TransactionSearch API request. Put your PayerID in the ProfileID search field.