We Keep Coding

Handle recurring payments with paypal

I'am having troubles about how to handle the paypal recurrent payment system.
I followed every instruction in the website, but once i create the profile, paypal puts it in pending, making me doubt about the reliability of the service itself.
I tried to look over the internet but i didn't really get how this should work...
i made the first call with SetExpressCheckout in order to create the request, when the token is returned, i send the token to the paypal page, the user confirms the payment, then i call the CreateRecurringPaymentsProfile method to confirm the operation (passing PAYERID and TOKEN and setting the AMT value for the first payment and the PROFILESTARTDATE as now +1 month for the future payments)
Now when i try to read the response from the last call (or if i go to the buyer/seller paypal account) i see that the payment is in pending and i have to wait an undefined amount of time before this payment is activated.
Now the real question is: can i trust the fact that even if the payment is in pending, i'll receive the payment and so i can set set the user as member or i have to check and wait until the status is 'active' with the GetRecurringPaymentsProfileDetails method?
PS: i'm doing this in the sandbox version, maybe the official version is a bit faster and more reliable?
Thank you!

In Sandbox as in Live when you call CreateRecurringPaymentsProfile you will also get the response in which it will give you the status of the profile (ActiveProfile or PendingProfile). When the status is in Penidng it means that the system is in process of creating the recurring payment profile. You can then check your IPN messages for an update. It is normal but obviously if you notice that all the profiles you create get into Pending and never activate then there could be a bug but should not be the case. In here is the PayPal technical guide for this API: https://developer.paypal.com/docs/classic/api/merchant/CreateRecurringPaymentsProfile_API_Operation_NVP/

How to explicitly reject an IPN request

In the documentation for IPN, it says things like "Check email address to make sure that this is not a spoof". But I cannot see what to do when that is the case, and how I tell PayPal I want to reject a transaction. E.g. do I sent back a 400 instead of a 200? Or alter the POST data in some other way?
Or do I just ignore the message? (The problem with that is that PayPal will keep re-trying, which is wasted bandwidth for us, but also means it takes longer for the user to hear about the payment failure.)
Background: I realize sending it back to PayPal and getting the VERIFIED message back handles most security issues. But in my case, there is some unique ID information in the custom field. If that is missing, or does not validate against the DB, I want to reject the payment. I want my customer to see it failed, so they know to go and use a fresh form. The alternative is to accept the payment, and then have to involve a manual process trying to work out who the payment came from, and then possibly do a manual refund. (Other reasons to do this might be that the inventory has sold out in the split second between them seeing a product on the site and clicking BUY.)

The payment didn't fail. PayPal is notifying you that the payment succeeded: not asking you whether you want to accept it. You can't reject it at this stage.

Simple send back a 200 code to let Paypal know you received the IPN, otherwise Paypal will try to send the IPN response repeatedly.

IPN is Instant Payment Notification. After the payment paypal notify you the result of the payment. Check if connection VERIFIED, and next if if the payment is Completed and mark the result in the database.
If you say to PayPal the ipn address in the cart, Paypal send you the notification. You can't say to paypal: "yes please, send me a notification" and when receive say "why you send this?" If you put ipn in cart form you can provide a ipn url with code 200, not 404. Or remove ipn value in the cart form

PayPal express checkout handling "pending payments" with IPN

I cant find anny clear documentations about this.
If you use paypal express checkout, when a payment is pending what happens next?
Does paypal sends you by IPN an update if the states changes, do you have options?
Let say you do an DoExpressCheckoutPayment (with NVP)
and you get this:
&PAYMENTSTATUS=Pending
&PENDINGREASON= ECHECK //The payment is pending because it was made by an eCheck that has not yet cleared.
&REASONCODE=None
So you've made the payment and you want to wait until its cleared? What should you do next.
Update Some (external documentation) I found only sugest you could use (IPN?) to handle pending payments.
"If the Do Express Checkout Payment PENDINGREASON response is a value
other than none or completed , the payment is pending. Typically,
this means the customer has paid with aneCheck. In such a case, funds
are not guaranteed, and you should not ship or deliver items or
services until the payment has successfully completed. NOTE:
PayPal recommends that you block eChecks as a payment method if you
are unable tohandle pending state payments.To find out the status of a
pending payment, you can:
Submit an Inquiry transaction.
Check the status using PayPal Manager. See PayPal Manager online help
for details."
The paypal sandbox seems to have the option to check IPN messages for the express checkout type. The only correlation (if its ment to be used this way) between the DoExpressCheckoutPayment and the IPN seems you can use the "custom" field to keep track of a pending status. The txn_id (ipn) isn't given in DoExpressCheckoutPayment (nvp). Does any one have any experience with this?

The transaction ID is most certainly given in DoExpressCheckoutPayment, even if the PAYMENTSTATUS=Pending. A pending payment is still a transaction.
So yes, you would be notified via IPN when the transaction is completed. This typically takes a few working days.
Once it has completed, you can correlate the transaction from DoExpressCheckoutPayment to the IPN you will have received via the txn_id in the IPN.
Note: If you want to test a 'Pending' payment in the PayPal Sandbox, simply go to https://developer.paypal.com/ > Test account and click on 'Payment review' for the seller account you're testing with.
Once payment review is enabled on that seller account, any transactions it receives will be in a 'Pending' state.
Simply disable payment review to release the tranasctions afterwards.

I thought i'd add my two pence worth of thoughts to this.
I was getting a pending return status using Express Checkout via the dotNet SDK, according to the doc's and examples I should have been getting an 'approved' status.
I couldn't figure out why but it turned out to be because I was passing through a new currency, in our case 'GBP'. I had to log in as the facilitator sandbox account and decide what to do with the new currency.. convert it or setup a new balance in the currency. Once I did this, and set it as the default action, the pending return status no longer occurred.
hope that helps someone!

One thing not noted here and I haven't found anything else to confirm.. is that Paypal Express API doesn't support passing in the NOTIFYURL with the code. So you have to use the hardcoded IPN url set in your paypal account. This of course causes issues because you need a common callback file that can redirect to the individual payment options.
For example, if you are using Paypal Express AND Paypal Advanced.. Neither of those properly support a notifyurl passed in using the code. Paypal Advanced claims to, but it doesn't seem to work. So there needs to be a common IPN callback file that handles the redirection to each.
Unless someone else can confirm a working notify url for Express Checkout variable that can be passed in the code?

Workflow with PayKey using Paypal Adaptive Payment

I'm trying to implement a payment system using the new Paypal API (Adaptive Payment).
So far, I have this workflow :
Send a request to Paypal for : AdaptivePayments/Pay
This create a Pay request, and return a payKey that is valid 3 hours (source)
Now, I wait that paypal sends me request throught the IPN. When it will, I will get the pay_key with it
Using this pay_key, I will call the AdaptivePayments/PaymentDetails to know the state of the payment.
But I was wondering, how can I do if it's been more than 3 hours? (like in a refund?)
What is the sure way to do then?
Thanks for your help!

Well I'll answer myself on that one and after a bit of reading.
Instead of using the payKey given when calling AdaptivePayments/Pay, and other solution is to use the trackingId.
Here's how :
First step, you create an AdaptivePayments/Pay and you specify a trackingId (must be unique) :
{
"actionType":"PAY",
"currencyCode":"USD",
"receiverList":{"receiver":[{"amount":"1.00","email":"seller_1288085303_biz#gmail.com"}]},
"returnUrl":"http://apigee.com/console/-1/handlePaypalReturn",
"cancelUrl":"http://apigee.com/console/-1/handlePaypalCancel?",
"trackingId":"abcde-12345-unique-of-course",
"ipnNotificationUrl":"http://apigee.com/console/-1/ipn",
"requestEnvelope":{"errorLanguage":"en_US", "detailLevel":"ReturnAll"}
}
In response, you will have the payKey that you'll redirect your buyer to, in order to do the payment.
Then, for the whole evolution of this payment, you will be notified to your IPN url (here, "http://apigee.com/console/-1/ipn").
When you'll receive a (POST) request at this adress, check the validity to paypal and you'll get a trackingId in the parameter. Check that this trackingId exists and then ask AdaptivePayments/PaymentDetails with that trackingId like this :
{
"trackingId":"{put here}",
"requestEnvelope":{"errorLanguage":"en_US", "detailLevel":"ReturnAll"}
}
And you will have a complete detailled status of your payment in return.
Now, you do the work to update your database, call your buyer, etc etc :)
What was helpful for me :
Pay API Operation
PaymentDetails API Operation
IPN Variable Reference
Apigee Paypal console

Paypal NVP with IPN for confirmation - what ties them together

I am using PayPal with NVP API (using PHP) for express checkout. I am creating an invoice record in the database before redirecting the user to Paypal. In case the user doesn't return to my site after processing, I am using IPN to confirm the purchase and then update the invoice record that the payment is confirmed. I am still in the sandbox mode and trying to figure out how I will tie the transaction started with NVP to the confirmation I get with IPN.
I need to verify if the "PAYMENTREQUEST_n_INVNUM" sent in the NVP will come back as "invoice" in the IPN post.
It appears I cannot actually test this until I am live since the Sandbox IPN does not seem to be active with NVP initiated sandbox transactions - is this correct?
Thanks for your help.

You can test this in Sandbox. But if you're using "PayPal NVP", I assume you're using PayPal Express Checkout and calling the SetExpressCheckout and DoExpressCheckoutPayment API's.
If that's the case, you don't really need IPN, because a transaction will only be completed as soon as you call DoExpressCheckoutPayment.
In other words, buyers will always be redirected to the RETURNURL you specified in SetExpressCheckout, and the transaction is completed (or not) when you call DoExpressCheckoutPayment on this return page.
To get the invoice number, you could call GetExpressCheckoutDetails and supply the TOKEN you retrieved earlier (it's also appended to the GET of the RETURNURL).
Finally, check PAYMENTSTATUS=Completed in the DoExpressCheckoutPayment API response to see whether the transaction has completed or not.

Thank you Robert for the clarity on the process - especially useraction=commit.
I finally realized that I could turn on IPN in the Sandbox for my test seller and test NVP with IPN together. I was able to verify that PAYMENTREQUEST_0_INVNUM matches the 'INVOICE' parameter in the IPN POST.
I will use the custom field to pass customer email from my system in case they use a different email to log into paypal with, therefore allowing me to have email/invoice number pair for confirmation.