Paypal API Connection Features

Uk Ru En
Paypal API Connection Features

The Paypal service provides two APIs: REST and IPN.
In this article we will consider the REST API, which allows to conveniently interact with all the Paypal entities.
API Paypal is a JSON API. Paypal provides two environments: the production,, and the sandbox,

To protect the requests Paypal use OAuth 2.0 authentication, so one have to get an access token. The token can be obtain by sending a POST-request to "v1/oauth2/token" path with the "grant_type" key and the "client_credentials" value. Also pass the "Authorization" header with the following value "Basic " . base64_encode("$clientId:$secret").

Now you will be able to sign all your requests with the token for some time. $clientId and $secret one can find directly from the Paypal website account section. Also the section can be used to change the application mode, production/sandbox. You can use JSON-formatted data to send for all the routes except the OAuth 2.0 token route.

It is enought to have the token to use the Payments API. Therefore one can send payments, see payment history and so on. But by default the payment history is not accessible, you have to allow the access in the Paypal website account section. The sandbox environment payment history is empty by default, so you have to make some test payments to be able to test the refund functionality.

Some routes have the additional protection. You have to sign the request on more time. Pass the "PayPal-Auth-Assertion" header and use base64-encoded JSON-formatted arrays, ['alg' => 'none'] and ['iss' => $clientId, 'email' => $email], concatenated by a dot, ".".

The parameter $clientId we mentioned before and $email - is the email address, you register you Paypal account with. Be careful, in for the sandbox environment you should use a different test email, provided by Paypal, see the account section of the Paypal website.

Besides, you can also replace the "email" key and use the "payer_id" key with your account's "payer_id" as value. Also it should be noticed again that you have to use a dot to concatenate your base64-encoded string, so the result string have to include dots, the Paypal service will use it later as a delimiter.

For example in case of PHP the second signature generation method will look like this:

private function getPaypalAuthAssertion($email, $clientId) {
   $joseHeader = base64_encode(json_encode(['alg' => 'none']));
   $payload = base64_encode(json_encode([
        'iss' => $clientId,
        'email' => $email,
   return $joseHeader . '.' . $payload;

To provide the error processing in the right way you should take into account that the Paypal service return two types of errors: access errors, if token is wrong for example, and validation errors. So you must have two mechanisms of errors messages reformatting.

Articles You May Also Be Interested In
Implementation of the structure of the product database from the service using Doctrine2
Extend your project on a solid basis using the built-in Doctrine2 functionality, try adding your own classes and tables. Description of the product database
Posting data to Amazon have to be made in a different way
Posting data to Amazon have to be made in a different way
Let's update an order's tracking number for example.
Amazon Marketplace Web Service (MWS) API Connection Guideline
Amazon Marketplace Web Service (MWS) API Connection Guideline
How to connect to the Amazon MWS API? The process of obtaining a list of orders and generating a query signature using several parameters
Tips for connecting the ShipStation API service
Use the ShipStation API as an aggregator for your service and as a great tool for saving money on sending packages. Description of the service’s features
Contact Us
Ready to Start? Let Us Know!

Ukraine, Zhytomyr
Vitruka Street, 9V

M-F, 9am — 6pm

Contact Us
Have a Question?
Describe your problem, fill the form below, and our staff will help you!
Required field
Required field
Required field
Required field