All of a sudden my site has stopped taking payments using paypal, no files have been changed but I now get this error:
Fail!
POST /2.0/ HTTP/1.1 Host: api-3t.paypal.com Blanked out info for security
Error 10410 - Invalid token.
I have restored site files from backups to make sure it isn't that, the last time it worked was the 9th of July.
I have confirmed API details with the paypal account and they are still the same
Is there anything else I could check? Have paypal changed anything?
That error is pretty specific. It simply means the TOKEN you sent with your request is invalid for one reason or another. You need to look at your raw API request to see what you're sending for the TOKEN value. It could be from GetExpressCheckoutDetails or it could be from DoExpressCheckoutPayment. I can't really tell from what you've said here, but it's gotta be one of those.
Related
I am trying to use the NetSuite SuiteTalk REST Web Services to access NetSuite CRM data.
I have the access up and working in production. Able to retrieve record data and metadata.
I am now trying to set up access in the sandbox for more in-depth testing.
In the sandbox I have:
- Enabled rest web services
- Enabled token based authentication
- Given user concurrent web services permission
- Given user Log in using access tokens permission
- Created an integration
- Created an access token
All of these actions mirrored what was done in production.
When I attempt any kind of GET to the web service, I receive a 401 - Invalid login attempt.
When I check the Login Audit Trail, I don't see any record of the GET attempt, failed or otherwise.
Is there something of a systemic nature that I have to do additionally in the sandbox to enable rest web services? Above and beyond enabling it in SuiteCloud/SuiteTalk?
The fact that I see absolutely nothing in the audit trail makes me believe that something is still "turned off".
===> 4/4/2020 Update
ed14 and Nihkil,
Thank you for your responses, and sorry for the delay in responding back.
The hyphen to underscore in the realm did not help me unfortunately.
Let me recap recent attempts:
1) Started by verifying that REST API testing in production still works.
2) The sandbox was refreshed by a CRM admin. The application was still there, but my access token was not. I created a new one in the sandbox.
Is it possible to delete the application? I cannot see any way to do that.
3) Tested with existing Consumer Token and new Access Token. Got the same response as from my first post: "title": "Invalid login attempt, for more details see Login Audit Trail.",
4) Tested by slightly modifying the URL to make sure I was not going to a black hole somewhere. It gave me the expected error.
5) Tested by modifying the realm: Realm 9999999-sb4 to Realm 9999999_sb4 It gave me an error which leads me to believe that my original realm is correct: "title": "An unexpected error occurred. Error ID: k8hd8pqej3unxblmaoik",
Again, none of the tests show up in anywhere in the audit log as a failed attempt.
Not sure where to go from here? Delete the sandbox application (if possible) and start again? Or new application in sandbox?
Thanks for any and all help.
Bryan Hunt
I had the same issue using the sandbox. Apparently there is a mismatch between the account ID (used in realm authorization) and the account ID in the URL.
The account ID (realm): XXXXX_SB1
The account ID in the url: XXXXX-SB1
The SB should be in upper case.
This solved the problem for me.
As #ed14n and #nikhil-abraham said, changing - to _ in authorization realm and put the SB in UPPER CASE solve this problem here.
If you are using POSTMAN template provided from NetSuite, your envs should be like the image below.
In Postman in your request tab and then in the authorization tab in the advanced section there is a field called Realm. Put the account id in the realm field with underscores.
I'm setting up a paypal payment option on the project i'm working on.
The authorization structure I use is an hybrid client + server REST.
The client generates the token as expected, after the user clicks "Pay now" on the paypal page.
Then the server receives its data (paymentID and payerID). So, i just ask for a bearer token (or use the one i had stored) and reach the
POST /payments/payment/{payment_id}/execute
endpoint, with no body at all.
Everything works fine, until the REST request, since it gives me a 500 error and no explanation at all of what I could have done wrong. Just in case some PayPal developers are reading this post, i'll also leave the debug id:
d78e7ca9e79b2
Another strange thing is that the
GET /payments/payment/{payment_id}/
request is working fine, also giving me as HATEOAS endpoint, the execute link, identical as the one I use. Did i miss something, in the execute call, so?
We're using the Intuit Customer Account Data API to connect to banks in our application. While the credentials and security questions go through fine, we're getting an Unauthorized error when we provide the answer to the security image (captcha image). Providing a blank does not help either. We get this error only when the answer is correct, in the case of incorrect answer the response is "Incorrect MFA answer".
Have you tried this use-case using CC_Bank( dummy FI setup for testing).
Here is the test username-pwd link for different use cases.
https://developer.intuit.com/docs/0020_customeraccountdata/customer_account_data_api/testing_calls_to_the_api
You should debug the use case using CC_Bank. If it still doesn't work then you should raise a support ticket.
https://developer.intuit.com/Support/Incident
Thanks
Using REST API, sandbox and attempting to get bearer token. Receiving the following error
{"name":"INTERNAL_SERVICE_ERROR","information_link":"https://api.sandbox.paypal.com/docs/api/#INTERNAL_SERVICE_ERROR","debug_id":"5a235c510522b"}
How can I find out what the debug id means?
The 'debug_id' is an internal identifier we can use to pull up the request within PayPal.
You may see our classic API calls refer to this as the 'correlationID'.
Unfortunately I'm not finding anything in our system for this debug_id. Can you log a ticket (www.paypal.com/mts) or email me (address in profile) with details of the call, including your full HTTP request (minus credentials) and the resources you tried to access, as well as the full HTTP response?
I suggest we close this answer as it's not strictly programming-related, but I can continue working on this via mail / ticket with you.
By the way; if you're using the 4111111111111111 credit card: this card number is currently inoperable in the Sandbox environment and may throw 'internal service error' type responses as well. You can use any other card number instead.
I'm using PayPal PayFlow Pro to process transactions. We've opted to use the secure token with transparent redirects to try and address PCI-Compliance issues.
In my token request, I am specifying the CUSTREF parameter like so:
&CUSTREF=461
I have also created a hidden field for this in the transaction form. I have the HTTPS proxy enabled for Fiddler and I can see these values coming through in both the secure token and transaction requests. The transactions complete successfully on the live PayFlow gateway.
However, when I view the transactions under https://manager.paypal.com/ > Reports > Daily Activity, the Cust Ref #: field on the detail page is empty.
The parameter is discussed for use in inquiry transactions on page 71 of this document:
https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/payflowgateway_guide.pdf
I couldn't find much documentation on this field other than this. I had a look at some code samples, and it looks like the CUSTREF parameter should be passed in the transaction request (which was the first thing I tried), e.g.
https://github.com/angelleye/paypal/blob/master/PayFlowTransaction.php
Has anyone encountered this before? I have a ticket open with PayPal.
I received confirmation from PayPal that this is a bug.
This appears to work with the regular Payflow Pro API calls, but fails when passing the CUSTREF using a Secure Token API call or hosted pages (using Secure Token).
The recommended work-around was to pass the field through in the comments.