We're developing a marketplace where buyers and sellers meet to trade (something similar to Ebay). We want to support paying via PayPal and we don't intend to take any service fees. Since we're a startup any overhead paperwork for us is excess so we've decided that any PayPal transaction is between buyers and sellers directly.
However, we want to have accept/deny mechanism for sellers so they have to manually approve each and every order (in case some items are out of stock in their physical store etc.). After order is accepted, money should be transferred to the seller.
After a lot of thinking and reading PayPal documentation, we've decided to go with Express Checkout using auth/capture and parallel payment concepts. We've successfully integrated Express Checkout and everything works until calling DoAuthorization API which unfortunately fails. Everything we've done so far is inside PayPal Sandbox.
To give you a picture how our communication with PayPal's endpoint works, here is what we're doing (only important fields will be shown):
call SetExpressCheckout having PAYMENTREQUEST_0_PAYMENTACTION=Order and PAYMENTREQUEST_0_SELLERPAYPALACCOUNTID={seller's PayPal email address}
redirect buyer to RedirectURL to authorize payment
call GetExpressCheckoutDetails to get info about payment
call DoExpressCheckoutPayment having PAYMENTREQUEST_0_PAYMENTACTION=Order
Here we got info about transaction with status "Pending" which seems that everything is OK up to this point (transaction is also visible in the seller's PayPal account with the status "Pending"). Now according to documentation available we need to call DoAuthorization in order to complete auth process. However, after calling DoAuthorization we're facing an error saying:
[L_ERRORCODE] => 10007
[L_SHORTMESSAGE] => Permission denied
[L_LONGMESSAGE] => You do not have permissions to make this API call
[L_SEVERITYCODE] => Error
Here is what we're sending and receiving with DoExpressCheckoutPayment and DoAuthorization API calls (only important sections will be displayed):
DoExpressCheckoutPayment
Request
[REQUESTDATA] => Array
(
[USER] => {our API username}
[PWD] => {our API password}
[VERSION] => 98.0
[BUTTONSOURCE] => AngellEYE_PHPClass
[SIGNATURE] => {our API signature}
[METHOD] => DoExpressCheckoutPayment
[TOKEN] => {token we got from SetExpressCheckout}
[PAYERID] => {payer ID we got from GetExpressCheckoutDetails}
[RETURNFMFDETAILS] => 1
[NOSHIPPING] => 1
[PAYMENTREQUEST_0_AMT] => 123
[PAYMENTREQUEST_0_ITEMAMT] => 23
[PAYMENTREQUEST_0_SHIPPINGAMT] => 100
[PAYMENTREQUEST_0_CURRENCYCODE] => EUR
[PAYMENTREQUEST_0_DESC] => Order #54
[PAYMENTREQUEST_0_SELLERPAYPALACCOUNTID] => {seller's PayPal email address}
[PAYMENTREQUEST_0_PAYMENTACTION] => Order
)
Response
[PAYMENTS] => Array
(
[0] => Array
(
[TRANSACTIONID] => {we get some transaction ID here}
[TRANSACTIONTYPE] => expresscheckout
[PAYMENTTYPE] => None
[ORDERTIME] => 2014-01-15T22:43:19Z
[AMT] => 123.00
[FEEAMT] =>
[SETTLEAMT] =>
[TAXAMT] => 0.00
[EXCHANGERATE] =>
[CURRENCYCODE] => EUR
[PAYMENTSTATUS] => Pending
[PENDINGREASON] => order
[REASONCODE] => None
[PROTECTIONELIGIBILITY] => None
[ERRORCODE] => 0
)
)
DoAuthorization
Request
[REQUESTDATA] => Array
(
[USER] => {our API username}
[PWD] => {our API password}
[VERSION] => 98.0
[BUTTONSOURCE] => AngellEYE_PHPClass
[SIGNATURE] => {our API signature}
[METHOD] => DoAuthorization
[TRANSACTIONID] => {transaction ID we got from DoExpressCheckoutPayment}
[AMT] => 123
[CURRENCYCODE] => EUR
)
Response
[ERRORS] => Array
(
[0] => Array
(
[L_ERRORCODE] => 10007
[L_SHORTMESSAGE] => Permission denied
[L_LONGMESSAGE] => You do not have permissions to make this API call
[L_SEVERITYCODE] => Error
)
)
After spending a week trying to get this to work, googling and going through all available documentation trying to find if we have to have permissions to call DoAuthorization API, we're clueless.
We're sorry if this question is too long but we wanted you to have the full picture on what's going on and how we handle things with PayPal API. If knowledgable person could shed some light onto this issue, we'd be thankful.
Typically that sort of an error means exactly what it says, and your PayPal account simply doesn't have permissions to make that particular call.
Are you specifically wanting to place the funds on hold? You could run DoCapture to capture the order directly without the need to do the authorization in between, but order authorizations don't actually hold funds, so that's an important part of your puzzle you'll need to contact PayPal about why you're getting that error.
You can submit a ticket to www.paypal.com/mts and that goes directly to the tech support. They've been doing better lately about getting back to tickets more quickly, so I'd try that for sure.
In the mean-time you can give the phone support a try, however, the general phone reps tend to not know how to solve stuff like this and can just end up causing more confusion.
In either case, just let them know you're trying to make a call to the DoAuthorization API but you're getting this error and they should be able to help track down the issue and get you taken care of.
If you continue having trouble getting help let me know and I can reach out to some of my contacts at PayPal directly.
Ok, I have an update (sort of). We've got a response from PayPal MTS telling us to include SUBJECT field when calling DoAuthorization and fill it with the same value as PAYMENTREQUEST_0_SELLERPAYPALACCOUNTID which is basically seller's PayPal email address. We did it and this time we get the following response from DoAuthorization API:
[ERRORS] => Array
(
[0] => Array
(
[L_ERRORCODE] => 10002
[L_SHORTMESSAGE] => Authentication/Authorization Failed
[L_LONGMESSAGE] => You do not have permissions to make this API call
[L_SEVERITYCODE] => Error
)
)
So error code went from 10007 to 10002. Now we're still waiting for the second response from PayPal MTS but in the meantime we've narrowed the issue down and it appears the problem is with our API credentials (username, password and signature).
Basically we used our API credentials to go through SetExpressCheckout, GetExpressCheckoutDetails and DoExpressCheckoutPayment to receive transaction ID to be used with DoAuthorization API. Now instead of calling DoAuthorization with our API credentials (which will fail), we've tried to call it from: http://quar.me/paypal/api/nvp/doauthorization (using API credentials found on this website). To our surprise it worked, and the transaction has been authorized (and later captured) successfully. Then we copied API credentials from that website to our application to verify if it works, and I can confirm it does.
We're now puzzled same as the first time. I'll update this answer when we get a response from PayPal MTS. In the meantime, if someone has any idea what's wrong, feel free to respond.
Update [21-01-2014]
We've got response from PayPal MTS guy. The problem is somehow strange; in order to call DoAuthorization/DoVoid/DoCapture etc. API calls, seller needs to grant Auth/capture permissions to the API username. OK, let's say this is regular.
What's strange is that:
The need to request permissions for these API calls is nowhere mentioned in the documentation.
If permissions need to be granted from seller, how come API credentials found here work without ever requesting Auth/capture permissions? We've even successfully generated transaction ID with our API credentials and then authorized payment with API credentials from aforementioned website.
Update [22-01-2014]
OK, we've settled the issue with PayPal MTS. Reason for getting back these errors is the fact that each seller needs to give permission to our API username in order for us to be able authorize/capture payments. These can be achieved either by seller manually giving permissions, or via Permissions API.
Related
while paypal test checkout. I got an error mentioned below.
[TIMESTAMP] => 2017-09-22T09:01:00Z
[CORRELATIONID] => 8d454e5592202
[ACK] => Failure
[VERSION] => 65.1
[BUILD] => 36082234
[L_ERRORCODE0] => 10548
[L_SHORTMESSAGE0] => Invalid Configuration
[L_LONGMESSAGE0] => This transaction cannot be processed. The merchant's account is not able to process transactions.
[L_SEVERITYCODE0] => Error
[AMT] => 10.00
[CURRENCYCODE] => USD
I has checked for all stack answers and youtube tutorials.
I has created sandbox business account for us country, added balance, upgraded to pro, on modal in settings tab: PayPal Credit- on, login with pal - all these steps are done. copy the credential under api tab and pasted them to code you provide.
But while make payments. I got the above mentioned errors. Any help will be appreciated. Thanks!
Your account where it calls the API should be upgrade to PRO before you make the DoDirectPayment API.
This error usually occurs if you don't have a business account. You must have a business PayPal account within a PayPal Payments Pro-enabled country to use the Direct Payment API. The absence of a home or customer service phone number on your PayPal account can also trigger this error.
Solution
If you have a business account and you get this error, check your PayPal account profile and make sure it includes a home phone number or a customer service phone number. Update your profile if necessary.
https://www.paypal-knowledge.com/infocenter/index?page=content&id=FAQ1147&actp=LIST
I have made an e-commerce website, but unfortunately I am stuck here when I want to integrate Paypal classic API with my live site. Though I have tested the integration with sandbox which is success, but when I tried to go live it keep returning error. The error I caught is :
Array
(
[Errors] => Array
(
[0] => Array
(
[Receiver] =>
[Category] => Application
[Domain] => PLATFORM
[ErrorID] => 550001
[ExceptionID] =>
[Message] => User is not allowed to perform this action
[Parameter] =>
[Severity] => Error
[Subdomain] => Application
)
)
)
and my classic API information is this :
Adaptive Payment
Basic Payment
1.Checkout, Send Money or Parallel Payments
2.Currency Conversion
3.Get Payment Details
4.Refunds or Chargebacks
Confirm Funding Sources You Support
1.Credit Card Payments
2.E-Checks
3.PayPal Balance
Adaptive Accounts
Basic Payment
1.Create Business Accounts
I and the Classic API status right now is : "Approved Conditionally".
It looks like from all of the information provided that the application has not been fully approved. I recommend calling in to PayPal support to check the status of the application.
You can go to https://www.paypal-apps.com/ and log into your PayPal account. Click 'My Messages' to send your request to PayPal App team. They will review your case and get back to you.
I have found issues similar to this. But I wanted to explain my case as I haven't found a suitable answer.
I have my Ticketing System in which I have implemented Sage Pay. When I make a transaction it will get redirected to SagePay and the Transaction will be completed. Now If I want to refund the Payment I need to go to SagePay, login there, select the Order which has to refunded and then refund it. So instead I thought of implementing it in my Ticketing System. When the transaction is completed through SagePay a response code is generated which looks similar to this .
Array ( [VendorTxCode] => 14-11-04-16-19-30-8989049 [VPSTxId] => {8D7FC333-9979-DA1C-32E0-AAA2CC1A31FB} [Status] => OK [StatusDetail] => 0000 : The Authorisation was Successful. [TxAuthNo] => 164996 [AVSCV2] => SECURITY CODE MATCH ONLY [AddressResult] => NOTMATCHED [PostCodeResult] => NOTMATCHED [CV2Result] => MATCHED [GiftAid] => 0 [3DSecureStatus] => NOTCHECKED [CardType] => VISA [Last4Digits] => 0006 [DeclineCode] => 00 [Amount] => 10.00 [BankAuthCode] => 999777 )
Now in order to refund the transaction I need to have RelatedSecurityKey which is not being sent by SagePay. When I go to Sage Pay, get the Security Key and Hard code the value in my Refund API I am able to refund the Transaction. Is there any way to get the Security Key in my Ticketing System. If so how?
If you are using Server, you will get a security key as part of the response to the initial transaction registration post. You can then pass this back with the Refund posts as RelatedSecurityKey.
If you are using Form, you won't get this value sent back. In this instance, you could use the Reporting API to get the Security key (getTransactionDetail command) instead of logging into My Sage Pay.
When I run a PayPal Adaptive Pay call, and I set about 3 receivers, how to I get the status of each of the receivers?
Because I get something back like this:
Array
(
[responseEnvelope.timestamp] => 2012-11-05T13:17:48.598-08:00
[responseEnvelope.ack] => Success
[responseEnvelope.correlationId] => 8e31ecdad58ca
[responseEnvelope.build] => 4110101
[payKey] => AP-6TJ00518SC231111B
[paymentExecStatus] => COMPLETED
)
Does this go through the IPN or can I view it in a sandbox area? I keep re-reading PayPal docs and Im so confused :)
just use PaymentDetails api to obtain an array of PaymentInfo elements with status for each receiver. If you have permissions from each recipients to make GetTransactionDetails API calls on-behalf of them (which you can obtain using Permissions API) you can use the TransactionID from the PaymentDetails API response to obtain further more transactional data for each one of the sub-transactions.
Hi All I am implementing recurring payments with paypal. My paypal script is already running now embedding recurring payments in it. I have searched a lot and not find any useful material. I found from Recurring some material. I implemnted the code of createrecurringpayments.php from here and changed the variables accorinding to mine. I redirect browser to this file from DoExpressCheckoutPayment.php when transaction is completed. But at createrecurringpayment.php I always get the following error.CreateRecurringPaymentsProfile failed: Array ( [TIMESTAMP] => 2011%2d03%2d28T11%3a44%3a30Z [CORRELATIONID] => 81d0c488123c4 [ACK] => Failure [VERSION] => 54%2e0 [BUILD] => 1776465 [L_ERRORCODE0] => 10002 [L_SHORTMESSAGE0] => Security%20error [L_LONGMESSAGE0] => Security%20header%20is%20not%20valid [L_SEVERITYCODE0] => Error ).
there may be below 4 causes for this type of error you found..
1. You have your PayPal module configured to "Sandbox" but have not used Sandbox API credentials.
2. You have your PayPal module configured to "Live" but have not used Live API credentials.
3. You have mis-typed one or more API credentials entries, including but not limited to leaving trailing spaces.
4. You have deleted and/or recreated new API credentials in your PayPal account but have not copied those new credentials back to your store.
Just check it out..it may helpful to you..
Thanks.
I have found the solution.... I was using paypal Express Checkout.. With this it is not possible to implement recurring payments...