My application uses the SetExpressCheckout paypal classic API method. It is working fine when I use real accounts in a live environment.
It used to work fine using test accounts, but some weeks ago it has stopped working right. At some point, my application calls the "SetExpressCheckout" API method using curl in PHP. When I use the test seller account that I've always used for my tests, I always get the following error:
SetExpressCheckout API call failed.
Detailed Error Message: Security header is not valid
Short Error Message: Security error
Error Code: 10002
Error Severity Code: Error
I know that paypal has recently restructured its "developer network", and the issue seems to be caused by this but I have no proof of that. The API I used is now called the "classic" API.
I've read the documentation, and it says that I now have to create a new "real" paypal account, and then use it to log to https://developer.paypal.com. I did that.
Once logged to the developer website, there is a feature allowing us to import all the test buyer and seller accounts used in an old sandbox account. I did that, and my old test accounts appeared in a list.
One of them is the test seller account I used to test. When I check the details of this account, the username, password and signature used to authenticate to the paypal API are there. If I use them, it still returns the previous error.
There is also a feature allowing me to create test accounts. I've created a new seller, and still, I get the same error message.
When I search on google about this issue, most answers says that the username, password or signature are wrong or have hidden white spaces in them. That's not my case.
I don't know how to solve that problem. I am wondering if the API endpoint has changed. I currently use "https://api-3t.paypal.com/nvp" for tests. I am using the NVP API, version 64.
To make it short:
1) My test account used to work
2) The code has not been modified
3) Real accounts used to work and still work.
4) But test buyer account has stopped working
5) The issue chronologically coincide with paypal "developer network" restructuring.
6) I don't know what has changed exactly and might cause this.
7) Does anyone know what has changed and might has caused this (a new parameter in the query string? Endpoint URL changed?)?
8) According to my previous description, do I seem to have misunderstood something, and what?
I currently use "https://api-3t.paypal.com/nvp" for tests.
That's your problem. You're using test credentials, but the live API endpoint.
Change your endpoint to https://api-3t.sandbox.paypal.com/nvp and all should be fine.
Security header is not valid means that your credentials are incorrect. I've never once seen that error where this wasn't the case.
You need to make sure that if you're using sandbox credentials for testing that you're hitting the correct endpoint and using the correct credentials.
Lots of times people accidentally have sandbox credentials set but then send them to the live endpoint or visa versa. If you're hitting the correct endpoint and your credentials are indeed correct you won't get this error.
Related
I am integrating paypal in android application.
There is one pair of credentials from which I am unable to login, but on the same code other pair of login/password credentials is working fine on live payment.
I want to know what could be an issue.
i want to know what could be issue.
Your credentials could be wrong, or the login/payment could have been denied, or one of the accounts involved could be unable to send or receive payments. Those are some possibilities.
You haven't provided any specific and detailed information about the error behavior, so one can only guess.
I spent the last day and a half researching this problem to no avail. I found many similar problems, but none that exactly address my issue. I am attempting to integrate Payflow Pro with transparent redirect, but cannot successfully complete a transaction. I am using the test environment with a test Payflow Gateway account.
I can successfully retrieve a secure token by posting the following from my test server to https://pilot-payflowpro.paypal.com:
PARTNER=[hidden]&VENDOR=[hidden]&USER=[hidden]&PWD=[hidden]&TRXTYPE=S&TENDER=C&CREATESECURETOKEN=Y&SECURETOKENID=20180916085333999&URLMETHOD=POST&SILENTTRAN=TRUE&AMT=2&BILLTOFIRSTNAME=John&BILLTOLASTNAME=Doe&BILLTOADDRESS=123TestDr.&BILLTOCITY=Testcity&BILLTOSTATE=TN&BILLTOZIP=55511&BILLTOEMAIL=johndoe#test.com&USER1=3&USER2=&USER3=0&USER4=2
to which I receive the following response:
RESULT=0&SECURETOKEN=[hidden]&SECURETOKENID=20180916085333999&RESPMSG=Approved
NOTE: I have configured a Return URL using PayPal Manager, which is why RETURNURL is not included in the secure token request. However, I also have tried with RETURNURL specified, and I have obtained the same end result.
I use the results from the secure token request to create a cc collection form. I input test credit card details using acct# 5105105105105100, then post the following from the browser directly to https://pilot-payflowlink.paypal.com:
fund_id=3&ACCT=5105105105105100&CVV2=555&EXPMONTH=01&EXPYEAR=20&EXPDATE=0120&SECURETOKENID=20180916085333581&SECURETOKEN=[hidden]&feeTokenID=20180916085333999&feeToken=[hidden]
The response is properly redirected to the Hosted Page error URL I have specified in my Payflow Manager Service Settings. My problem is that I do not understand why it is redirecting to the error url with the following message:
RESPMSG=Failed to connect to host Input Server Uri = https://pilot-payflowpro.paypal.com:443
NOTE: The value above is only one part of the response sent to the error page. The rest of the return values include information from my original secure token request, which I would assume could only be returned if a successful connection had been established with the link in the error message??
To clearly state the problem:
I have already successfully connected from my test server to the link specified in the error message, when first I obtained the secure token.
The post that results in the error message was sent from the browser (in this case, on the same physical box as my test server) to https://pilot-payflowlink.paypal.com, which is not the URL specified in the error message.
Finally, the error seemingly occurs during the Payflow process - to my understanding, there should not be a call from my server or the browser to the link in the error message at this point during the process. I mention this specifically to address the many search results I found relating this particular error message to PayPal's requirement for TLS1.2, which is already properly configured on my server (I should mention for the sake of completeness, I do still have TLS1.0 enabled on my test server, but cannot disable it for unrelated reasons. Nonetheless, I was able to successfully connect to obtain a secure token, and my server passes PayPal's own TLS test at https://tlstest.paypal.com/).
I should mention that I also have tried to complete this same transaction on our production server, still using test credentials and test endpoints at PayPal, with exactly the same results. The test server is also set up for TLS1.2 with TLS1.0 enabled, and also passes PayPal's test.
This problem may be the one that pushes me full-on into insanity, so any help really would be appreciated!!
Disabling TLS1.0 has helped others with this issue. If you keep having problems, contact PayPal's support
For anyone who might find this question and be similarly frustrated, I want to share that I was able to solve the problem by creating a new Payflow Gateway test account.
I spent a great deal of time on trial and error solutions with no success, and PayPal Merchant Technical Services was able to duplicate the problem but was also unable to find a solution. Finally, after simplifying my test app as much as possible (two bare-bones HTML forms filled in and submitted manually), I came to the conclusion that there might be something wrong with my test account. Upon creating a new account with new credentials, then inserting them back into my original code, everything worked perfectly.
As of this morning, PayPal MTS is continuing to research the problem, since others have reported similar issues.
For others with similar problems, it is worth noting that I am now able to complete transactions while TLS 1.0 remains enabled.
I dont have access anymore to the sandbox.paypal.com
In Developer Account I tried:
Want to link existing Sandbox Account with your developer account? *Click here* and provide credentials of your sandbox account.
After few redirections it refuses to sign me in:
Error
Relying Party Validation error: client_ID or redirect_uri provided in the request does not match any of the registered clients. Please check the request.
I've tried with two differents accounts, one of them do not have a live account, and it give me each time the same error without further explanation.
#paypaldev filed a ticket on the issue but I'm not sure what to expect.
Do am I the only one ?
An update here for everyone else as I followed up with François via Twitter. The internal teams were able to track down the issue that was causing the relaying party validation error, and it should now be fixed without needing a workaround. If anyone is still seeing an error, please let me know and I'll circle back with the teams working on the fix.
I am attempting a SetExpressCheckout transaction in LIVE, but it always fails with "We are unable to complete your request at this time." In the sandbox it works perfectly every time, so I believe my API call is correct.
Here is the full request:
VERSION=97.0
&METHOD=SetExpressCheckout
&RETURNURL=http://www.foo.com/
&CANCELURL=http://www.foo.com/
&PAYMENTREQUEST_0_PAYMENTACTION=Sale
&PAYMENTREQUEST_0_AMT=1.00
&PAYMENTREQUEST_0_CURRENCYCODE=USD
&PAYMENTREQUEST_0_ITEMAMT=1.00
&L_PAYMENTREQUEST_0_NAME0=Test+Payment
&L_PAYMENTREQUEST_0_NUMBER0=TestPayment
&L_PAYMENTREQUEST_0_AMT0=1.00
&L_PAYMENTREQUEST_0_QTY0=1
&L_PAYMENTREQUEST_0_ITEMCATEGORY0=Digital
&SOLUTIONTYPE=Sole
&REQCONFIRMSHIPPING=0
&NOSHIPPING=1
&USER=*************************
&PWD=*************************
&SIGNATURE=********************
I have a ticket open with Paypal Merchant Support, but they have no clue why it's failing, which amazes me. I have called paypal customer service twice, and they definitely have no clue.
What am I doing wrong? Thank you.
I figured it out. It was my mistake. Although I was pointed at the live environment for the SetExpressCheckout call, the subsequent redirect was still going to the sandbox.
My fault...BUT...why can't the paypal developers put a little line of code in there so that when you go to the wrong environment (the system knows EITHER that I had just made the call to Live, then redirected to sandbox, OR at a minimum that the Live environment didn't have a matching token for what I was calling) a concise message is thrown such as "No token found in sandbox environment" or "API call made to Live, but redirected to Sandbox". A message like that would have enabled me to fix my own problem in seconds instead of hours.
So I was able to test CreateAndSend Successfully in sandbox, and have now moved my credentials to the live versions.
I created a new business account for using the live version, and have gotten my api credentials for it.
Replaced API ID,PASS,SIGNATURE with those credentials.
Connecting to svcs.paypal.com/Invoice/CreateAndSendnvoice.
and an error I'm getting back is user is not allowed to perform this action.
I set the merchant and payeremail to my email (I tried the paypal email and then the api1 email)
I was wondering if my paypal account needs to be verified to do this API call.
Thank you.
Make sure that you have a live app id and that it is approved for this feature.
Following up on this. Having my business account verified fixed the "user is not allowed to perform this action" problem I was having.