I am trying to set up a test process to get some authorizations completed. I managed to get a response other than Invalid Vendor (I had set up the account wrong), but now we get this response:
RESULT=52&PNREF=XXXXXXXXXXXX&RESPMSG=Insufficient permissions to perform transaction
Any thoughts on how to correct this? Request string:
TRXTYPE[1]=A
&VERBOSITY[4]=HIGH
&ACCT[16]=411111XXXXXX1111
&TENDER[1]=C
&AMT[4]=1.99
&CURRENCY[3]=USD
&USER[8]=MyPayFlowUser
&VENDOR[8]=MyPayFlowUser
&PARTNER[6]=PayPal
&PWD[10]=XXXXXXXXXX
&ORIGID[13]=XXXXXXXXXXXXX
You should have API_FULL_TRANSACTIONS. Result code 52 usually means you are trying to make a Payflow API call when you only have a Payflow Link account. Payflow Link accounts are only allowed to make an API call for the SECURETOKEN.
Without more details and looking at the account, it is hard to say what is happening. If I had to guess just based on these details you provided, it sounds like you do not have permissions to perform the type of API call that you are trying to. If you can provide the PNREF number for the transaction I can take a look at it on my end.
Related
When I do a Paypal API signature request under business profile, the generated api is using my old website ---whateverAPI.my-old-website.com
I've updated all of my business information and see no instances of the old url in my paypal account or the developer or sandbox accounts.
I do not have the old login information for developer area where I created the original API information as it was changed to my new login/business.
I need to change the URL associated with my account so the api generated has the apicode.new-website.com
I know this is a low level expertise for most of you compared to what you are coding but I am completely stuck and have tried everything I can think of.
Thanks for taking the time to read!
When the API is first requested on an account, it is generated based on the email address associated with the account at the time. Even if you remove the email address and request new API credentials, it will still use that original email address. There is no need for concern, you only set this in your API call or in your shopping cart to use. Buyers are not going to see it or anything, and it's not something you would regularly share or have to use all that often. Once you set it in your code, you don't really mess with it again unless you need to set up the API credentials again.
My question is simple yet I can't find any SO posts or PayPal documentation to answer it.
In the event of a PayPal user having some error being redirected after completing their checkout (internet goes out, browser crashes, they close their browser before the redirect goes through, random networking issues, etc.) How are we suppose to handle that?
I thought using the following REST API
GET /v1/payments/payment/<Payment-Id>
Would solve my problem but since the state returned from this request does not change from created to approved until the funds have been executed it is useless. In the case of having some redirect error you will not have been able to execute the funds and thus it will simply be in the created state still which does not help you.
Additionally I thought maybe PayPals IPN system used for CLASSIC API would be the answer to my problem but again it fails. The IPN system does not contain relevant information such as transaction ID which is needed to link the two systems together.
Is there no way to do automated error handling using the REST API?
My application uses the SetExpressCheckout paypal classic API method. It is working fine when I use real accounts in a live environment.
It used to work fine using test accounts, but some weeks ago it has stopped working right. At some point, my application calls the "SetExpressCheckout" API method using curl in PHP. When I use the test seller account that I've always used for my tests, I always get the following error:
SetExpressCheckout API call failed.
Detailed Error Message: Security header is not valid
Short Error Message: Security error
Error Code: 10002
Error Severity Code: Error
I know that paypal has recently restructured its "developer network", and the issue seems to be caused by this but I have no proof of that. The API I used is now called the "classic" API.
I've read the documentation, and it says that I now have to create a new "real" paypal account, and then use it to log to https://developer.paypal.com. I did that.
Once logged to the developer website, there is a feature allowing us to import all the test buyer and seller accounts used in an old sandbox account. I did that, and my old test accounts appeared in a list.
One of them is the test seller account I used to test. When I check the details of this account, the username, password and signature used to authenticate to the paypal API are there. If I use them, it still returns the previous error.
There is also a feature allowing me to create test accounts. I've created a new seller, and still, I get the same error message.
When I search on google about this issue, most answers says that the username, password or signature are wrong or have hidden white spaces in them. That's not my case.
I don't know how to solve that problem. I am wondering if the API endpoint has changed. I currently use "https://api-3t.paypal.com/nvp" for tests. I am using the NVP API, version 64.
To make it short:
1) My test account used to work
2) The code has not been modified
3) Real accounts used to work and still work.
4) But test buyer account has stopped working
5) The issue chronologically coincide with paypal "developer network" restructuring.
6) I don't know what has changed exactly and might cause this.
7) Does anyone know what has changed and might has caused this (a new parameter in the query string? Endpoint URL changed?)?
8) According to my previous description, do I seem to have misunderstood something, and what?
I currently use "https://api-3t.paypal.com/nvp" for tests.
That's your problem. You're using test credentials, but the live API endpoint.
Change your endpoint to https://api-3t.sandbox.paypal.com/nvp and all should be fine.
Security header is not valid means that your credentials are incorrect. I've never once seen that error where this wasn't the case.
You need to make sure that if you're using sandbox credentials for testing that you're hitting the correct endpoint and using the correct credentials.
Lots of times people accidentally have sandbox credentials set but then send them to the live endpoint or visa versa. If you're hitting the correct endpoint and your credentials are indeed correct you won't get this error.
Paypal provides access to a parameter called "SoftDescriptor" in a number of their payment request API calls, in the classic API (either NVP or SOAP). In theory, this parameter lets you send transaction-specific data along with your request, which will be passed along to the buyer's credit card statement.
This parameter is available on at least:
DoCapture
DoReferenceTransaction
DoExpressCheckoutPayment
I cannot, for the life of me, get this to work. None of these calls seem to set the softdescriptor for the initial descriptor (Which shows up in the bank statement while the charge is pending, before the payment posts). I've been waiting a few days for the payments to post to see if it will change at that point, but I'm skeptical.
Has anyone successfully used the SoftDescriptor? Did it require extra account setup?
This might be very late.
Soft Descriptors is supported only for US,UK and CA merchants.
Your account needs to be enabled for Soft Descriptor.You can contact Businesss/Customer Support to get this enabled.
https://developer.paypal.com/docs/classic/release-notes/merchant/PayPal_Merchant_API_Release_Notes_115/#softdescriptorforpro
Sorry, I know this is an old post, but I was looking for the same answer to the same question and I thought I would share what I found.
You should be able to use the following link to move past this error. In my case, I had a comma after the wrong right curly brace. Just copy and paste the example, in the aforementioned link, and change the values to meet your needs.
And I am about to post my own question about why the transaction amount is considered invalid
we are dealing with heavy chargebacks and refunds. But I am unable to identify how can I get the details of chargebacks and refunds. We have published our game through third party so they own the Company Account for transactions. We have asked them, but apparently they don't have anything to help us out. I have used Graph API to log the transaction details and I have also used the debug tool to find out the reason or details of chargebacks and refunds. but even our refunds does not have any reason attached with it. Please help me out of this. I have done alot of Google on this but i am unable to find out what I need to know
Regards.
All you will actually get is a “Refund Reason Code” – which of these there are, and how to access them, is described here:
https://developers.facebook.com/docs/payments/disputes/#refundcb_tracking
Edit:
It does not look like you can look up the refund reason code via the API – but Facebook will send it to you, via a ping to your callback URL:
“If the order has been refunded by Facebook, we will ping your callback with a payments_status_update for the order in questions with a status of refunded. In addition, there will be an additional field returned called refund_reason_code with one of the following values: […]”
So you will have to react to that and evaluate the refund reason code (save it to your database, …) in this callback.