Paypal Rest API : Difference between Paypal execute and auth-capture - paypal

I am developing a system in which I have to integrate paypal. In the backend the system itself uses an internal API(I do have many systems communicates to core like web, mobile app etc). Consider the case of web, I am planning to approve the payment using the Paypal Rest API, so the user will be redirected to Paypal and approves the payment and then the system communicates with the internal api and then the actual payment has to be completed.
When going through the docs, I can see Payment->Execute need to be done after the approval. Also I can see Authorize and, Capture later as in other payment systems. So I am confused with the significance of execute method?

When you create the payment, you can the intent of the payment to be 'sale', 'authorize' or 'order'. For each of these you need to call payment->Execute, but the difference is in what happens after
When set to sale, payment will immediately be processed and funds transferred as soon as possible.
When set to authorize, you get back an authorization_id. The funds will be on hold for 3 days within which you use that id to to a capture on the payment to have the transaction processed.
When set to order, you get back an order_id. The order does not put fund on hold, but you can call authorize against the order to put the funds on hold and later call capture on that order to process the transaction and transfer funds.

Related

Should I remember the payment before getting it authorized?

I get it that Paypal SDK (backed by REST API) has three steps:
Create a payment
payment = Payment({...})
payment.create()
return redirect( redirect_url( payment))
The customer pays and authorizes payment from within Paypal
Redirect to our site where we execute payment, thus transferring money
Should I store the created payments at step 1? I would thus capture all payment attempts, whether successful or not. Or can I create a payment, and not remember it until step 3? That is, record only the successful payments (within their respective Invoices). Is there any reliability or security issue or other harm if I do not store it at step 1?
I suspect not being able to roll back failures.
In Paypal terms, they are of sale intent and are meant for payment of invoices for services rendered. Card data do not touch our servers, I am deferring to Paypal on handling it.
I use paypalrestsdk, Paypal's Python SDK.
Previously, it was tricky to get the PaymentId back when PayPal redirects the page back to your server to authorize you, as there was no way to get PaymentId on 3rd step
However, now, the PaymentId is returned back as a part of the URL as shown here in 3rd step :
http://localhost/Server-SDK/PayPal-PHP-SDK/sample/payments/ExecutePayment.php?success=true&paymentId=PAY-62998961VU1587338KR3AXWQ&token=EC-4YC2489096181311L&PayerID=REABK2UGK7PLW
As you can see it has paymentId which is the Id that you need to store.
So, to answer you dont need to store anything till 3rd step.
Additional Note:
However, if you have some complicated logic/service you want to provide. E.g. send them an email reminder(if you have their emailId), to remind them if they abandoned your card, etc. However, there are many ways to do that besides using these steps.

Automatically get a different status for an authorized vs. captured payment?

Is there a way or an extension out there that allows a Magento order to get a different status automatically once a payment has been captured?
The reason why we're looking for this is because we connect to ShipStation (www.shipstation.com) for shipping and eCC Webgility (www.webgility.com) to post orders to our accounting software. We need a more automated way for those orders that get pulled in for us to know whether the order has had funds captured or not. The only way for us to do this now is manually change the order status since Magento's default method keeps the order in "processing" regardless of it being invoiced or not.
You'll be able to do all of that with an Instant Payment Notification (IPN) solution.
For any transaction that ever hits your PayPal account, whether it's a payment, a refund, a cleared or failed pending payment, disputes, etc. their server will POST the transaction data to a listener script on your server.
Within this script you can use that data to update your database, generate custom email notifications, hit 3rd party web service API's, etc. all automatically, in real-time.

Paypal REST API and Chargebacks/Cancellations

I have been working paypal integration to an existing system of ours and successfully done tests on sandbox by using rest api and express checkouts.
Although documentation is detailed, I couldnt see anything about chargeback (i.e reverse transactions) and cancellations on rest api documentation page http://developer.paypal.com/docs/api/
So in case a user buys something successfully and the payment status becomes "completed", then there is a reverse transaction like chargeback, paypal will send a request to the return and cancel urls which are predefined while creating the related payment, or the client application has to check the payment statuses manually by rest calls? Or are there any other configs that I need to send while triggering the very first payment request?
You'll need to setup Instant Payment Notification (IPN) to handle that sort of thing.
IPN will automatically POST data about all transactions that hit your PayPal account to a URL you specify. This URL (a script) can receive the data and update your database, generate email notifications, or anything else you might want to automate based on the transactions.
You can handle all sorts of things with IPN. For chargebacks specifically, you would receive an IPN with the following params...
txn_type=new_case
case_type=chargeback
Of course, you'll get a bunch more parameters, too, but those would be how you can pick out the chargebacks and processing them accordingly.

Paypal payment process in 2 step?

I want to make payment process in 2 step , in first step paypal should collect fund from user account but not transfer to the merchant account .
when i send another request with sucess action at that type paypal should transfer fund to merchant account or if i pass fail action then paypal should refund to user.
is there any way to do this ?
i reefer following URL but cant find solution .
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_WPECIntegration#id0861K0T0WY4
Express Checkout is what you want, but there's better documentation available.
Basically, what you're after is Authorization and Capture. When you create your Express Checkout API requests you'll set the PAYMENTACTION to Authorization. Then, when you're ready to process the payment you call DoCapture and pass in the transaction ID you get back from Express Checkout.
No money is processed until the DoCapture call is processed. If you don't end up needing to process it you can simply do nothing, but that would strand the authorization on the user's account for the default period of time depending on their bank. Usually 30 days.
It's a better practice to call DoVoid at that point, which would cancel the authorization and release those funds back to the user's account immediately.
If you want to do the same thing with credit cards directly you can use Payments Pro. The process is almost identical, except there are actually fewer calls involved.
If you're using PHP I would recommend taking a look at my PHP class library for PayPal. It'll make all of this very simple for you, and I can provide 30 min of free training to help you get going if you want, too.

Parallel preapproved paypal payment?

I have parallel payments working on my test server very nicely, i.e. I can send money to more than 1 person at a time in parallel based on the example parallel.php file I downloaded from the developer paypal site.
I also downloaded the preapproval_flow.php file, but in the code, I can't see a variable/array which allows me to set parallel payment receivers, or even a single receiver for that matter.
Is it not possible to preapprove parallel payments with paypal api's?
If it is possible, how do I do it?
With straight forward parallel payments, I can use the following to set the parallel receivers of a payment:
$receiverEmailArray = array(
'email0',
'email1',
'email2',
'email3',
'email4',
'email5',
'email6',
'email7',
'email8',
'email9'
);
According to cms.paypal.com and x.com, the preappoval_flow has an option called feesPayer, for which the documentation says:
SENDER – Sender pays all fees (for personal, implicit
simple/parallel payments; do not use for chained or unilateral
payments)
The bold bit, tells me that it's possible to do pre-approved parallel payments, but I can't figure out how to sent the receivers...
Also, on x.com, it says:
Developers and merchants can combine;
Parallel and preapproved payments.
The first step in pre-approvals, is on obtaining one from the buyer.
This pre-approval is not tied to any specific seller, but rather to the API caller, and it allows you to make a Pay API call in the future without the buyer having to confirm it.
The pre-approval flow is a separate API call from the Payment flow. In it, you specify the total amount you want to pre-approve, the start and end dates that the pre-approval is valid for, and a few other parameters. (See chapter 8 of the Adaptive Payments dev guide for the full spec: https://cms.paypal.com/cms_content/US/en_US/files/developer/PP_AdaptivePayments.pdf )
In this API call, you redirect the buyer to the PayPal site, where he will approve future payments up to the amount you specified. (e.g. if you specified a total amount of $1000, the buyer can make 20 purchases of $50, or 1 big purchase of $1000)
Once the buyer approves this, you have a permission to charge him (In the form of a pre-approval token PA-xxxxxxxxxxxxxx, but at this point no money has changed hands.
Now that you have the token, you can proceed to make the Parallel Payment Pay API call, just like you are doing now, BUT you will specify one additional parameter:
preapprovalKey=<The PA key obtained previously>
(And you also need to make sure that actionType is set to PAY )
As soon as you make this API call, because PayPal sees that you have already obtained permission from the buyer (in the form of the approved PA-key), it will immediately move the money to the receivers specified. There is no need for the buyer to be redirected to approve this payment, since he has already pre approved it. (See the logic here?)
So to recap:
Make call to Pre-Approval API, to obtain permission to charge from the buyer
Make call to Pay API (that includes the PA key from step 1) to execute on the permission given