Category Archives: Libraries & SDKs

Integrate our new JavaScript SDK for Payments

By

PayPal’s Braintree is a core building block for accepting payments on the web, enabling merchants to accept PayPal, credit cards, 3D Secure, Apple Pay, Android Pay, and more.

This year, we introduced a new version of our Braintree JavaScript SDK (Software Development Kit). With numerous improvements such as a smaller file size, greater flexibility, and input formatting, this modernized JS SDK is ready for the web of today and tomorrow.

We’re pleased to announce General Availability of v3 of the Braintree JS SDK, ready for you to integrate and use right away. This SDK is a great way to accept PayPal on your website, and we recommend that you use it for new PayPal integrations.

Braintree offers additional features above what you’ll find in PayPal alone, including support for additional payment methods. Also, you’ll have a simple path toward accepting new payment methods in the future.

This new SDK is now open source on GitHub. Want to change or improve something? We welcome pull requests.

Ready to get started? Visit our Braintree JS documentation, and let us know what you think!

Braintree Product Team

Adaptive Payments is Moving to Limited Release – What you Need to Know

By

On October 6th we will begin the process of moving the Adaptive Payments product into a limited release mode. Limited release means a few things for Adaptive Payments in this case:

  • Adaptive Payments will be restricted to select partners for approved use cases and should not be used for new integrations without guidance from PayPal.
  • The Adaptive Payments documentation will only be accessible from a single new location, the documentation directory.
  • All references to Adaptive Payments as a solution within the documentation will be removed / replaced with the best current solutions.

Adaptive Payments will continue to be a fully supported offering, so integrations will continue to function without interruption. Our end goal with this project is to migrate all existing users of Adaptive Payments on to the modern products that will be the core of our future development APIs, namely Braintree v.zero and the PayPal REST APIs.

Why we’re moving to a limited release

This is the first step in a far reaching effort to continue to provide modern offerings, and the best solutions, for developers. To continue this, we are centralizing our efforts behind the development and optimization of the products that are built towards supporting the future of the payments industry.

Much of the functionality provided by Adaptive Payments is available in newer solutions that fully support the latest in consumer experiences from PayPal, such as mobile optimization and One Touch. However, Adaptive Payments is still the best solution for a small set of use cases, which is why we will continue to offer it as a limited release product for select partners.

Existing applications and Adaptive Payments users

For existing users of Adaptive Payments, your applications will continue to work during this process, and you will not experience any disruption in service. With that said, we will be working hard in the coming months to provide migration guides, advice, and support for moving existing developers towards integrating Braintree v.zero or the PayPal REST APIs, which will be continually updated to support any modern features or payment methods that should arise.

If you are not currently using Adaptive Payments for your payment integration, it is not recommended that you create a new service with Adaptive Payments as the payment integration mechanism.

Stay tuned for updates.

Dates Revised for Security-Related Changes

By

We’ve revised some of the dates originally published in the Security-Related Changes Required to Avoid Service Disruption post from earlier this year.

The dates have been revised in order to give merchants additional time to plan for any necessary changes and to give developers additional time to update their integrations.

The dates in the original post reflect the current deadlines. In summary, here are the date revisions:

  • The TLS1.2 Upgrade date moves to June 2017.
  • The HTTPS for IPN Postback date moves to June 2017.
  • The SHA-256 Upgrade dates: Merchants must be compliant by September 30, 2016 as we will begin our permanent upgrade of the remaining endpoints in October 2016. Take action by June 17, 2016 to verify if your system is SHA-256 compliant.
  • The SFTP Server move dates remain the same.
  • The API Authentication Credential Certificate dates remain the same.

Developers should continue to reference the 2017-2018 Merchant Security Roadmap microsite for all the latest details and up-to-date information regarding these security changes.

Adam Colson

Author: Adam Colson

About the author: Adam is a Product Manager at Braintree | PayPal, focusing on the PayPal developer experience since August 2015. When Adam isn’t helping to enable global e-commerce through APIs, he can also be found hacking away at the Internet of Things or tinkering in his garage.

@adamc | LinkedIn

TLS 1.2 Upgrade Technical White Paper

By

REVISED May 12, 2016Please note that the deadline for the TLS update has been moved out to June 2017

As a leader in Financial Technology, PayPal’s mission is to provide simple, affordable, secure and reliable financial services and digital payments. To accomplish this mission, we constantly evaluate our security posture – which includes complying with industry standards, laws and regulations – to create an environment our merchants and consumers can trust.

Beginning June 2017, PayPal will begin the process of discontinuing support for TLS 1.0 and 1.1, meaning that all communications with PayPal API (including SDK) must use TLS 1.2.

You can read more about PayPal’s official position on mandating the TLS 1.2 upgrade, the rationale for the upgrade as well as resources for merchants and developers to help them through the upgrade process by downloading the Foundation for June 2017 TLS 1.2 Upgrade Technical White Paper.

For information on all the security-related updates that are required this year, visit the 2016-2017 Merchant Security Roadmap Microsite.

Webhooks for REST APIs launched

By

(By Joe Nash & Alberto López)


PayPal’s latest addition to the roster of products taking advantage of PayPal REST API technology gives developers easier access to notifications of payment activities, such as payment status updates. PayPal webhooks are now available, and not only do they enable similar functionality to that of the IPN available in the Classic APIs, but they provide additional functionality to ease development and create innovative new products.

What is a webhook?

When we discuss webhooks, we refer to three key actors:

  • Webhooks: A webhook takes the form of a POST request to a URL that you set via your PayPal account. When a payment is made, or the status of a payment changes, the POST request is triggered, sending an event. This allows you to see and work with payment updates in real time. Webhooks can be created, updated, listed and deleted all through your PayPal account.
  • Events: An event contains the details about the payment update, including: the time of payment authorization or the amount of a payment or refund. Past events are searchable, and can also be resent in a webhook. There are multiple event types.
  • Event types: Event types can be selected to only cause the triggering of webhooks for specific payment updates and information, allowing you to choose to receive POST requests about the information that is important to you and your product.

Through these three actors, developers can manage operations that happen during the transaction lifecycle. Developers can list all of the event types subscribed to by a given webhook, perform more focused searches such as searching for webhooks by event type, and the API itself can be used to retrieve webhook events.

What operations are available using webhooks?

Webhooks provide some interesting functions for developers:

What are the differences between Webhooks and IPN?

At first glance, the differences between Webhooks and IPN used in the Classic API are subtle. What makes webhooks desirable over IPN is their sheer customisability versus IPN:

  • Whilst IPN did allow for the configuration of different IPN listener’s for different transactions, the IPN listener had to be predefined in the PayPal account. Further, it could only be modified through the PayPal account, and by default all refunds notify to this listener. With Webhooks you will be able to create different webhooks via the API for managing different event types (an authorization created, or voided or refunded), and modify each of them using an API REST call.
  • Webhooks enable the retrieval via API of any webhook event that was unable to be collected in the initial triggering of the webhook. In contrast, IPN events were only accessible via the PayPal account.
  • Webhooks have the important property of real time event notification, whilst with IPN, some delays could be experienced.

It is clear that webhooks give distinct advantages versus IPN; they are more flexible, versatile and can be used in real time. Let’s see how they work.

How do Webhooks work?

To use the webhook API in the Sandbox, first do the following:

  1. Go to the My REST apps page.
  2. Create an application, if you haven’t done so already.
  3. Add a webhook URL (the maximum number of webhooks is 10).
  4. Subscribe to the event types of interest. As we said before, you can also choose to manage webhooks, events, and event types through the Webhooks API.

Getting the bearer token:

Request

curl https://api.sandbox.paypal.com/v1/oauth2/token
\ -H "Accept: application/json" 
\ -H "Accept-Language: en_US" 
\ -u "<Client-Id>:<Secret>" 
\ -d "grant_type=client_credentials”

Response

{ "scope": "https://api.paypal.com/v1/payments/.*
https://api.paypal.com/v1/vault/credit-card/
https://api.paypal.com/v1/vault/credit-card/.*",
"access_token": "EEwJ6tF9x5WCIZDYzyZGaz6Khbw7raYRIBVTTTWxVvgmsG",
"token_type": "Bearer",
"app_id": "APP-6XR95014BA15863X",
"expires_in": 28800
}

Creating the webhook via API

Request

curl -v POST https://api.sandbox.paypal.com/v1/notifications/webhooks \
-H 'Content-Type:application/json' \
-H 'Authorization: 
        Bearer EEwJ6tF9x5WCIZDYzyZGaz6Khbw7raYRIBVTTTWxVvgmsG' \
-d '{
   "url": "http://www.yeowza.com/paypal_webhook",
   "event_types": [
       {
           "name": "PAYMENT.SALE.REFUNDED"
       },
       {
           "name": "PAYMENT.CAPTURE.REFUNDED"
       }
   ]
}'

Response

{
"id":"0E842532SB505363J",
"url":"https://www.mysite.com/paypal_webhook",
"event_types":[
    {
        "name":"PAYMENT.SALE.REFUNDED",
        "description":"A sale payment was refunded"
    },
    {
        "name":"PAYMENT.CAPTURE.REFUNDED",
        "description":"A capture payment was refunded"}
    ],
"links":[
    {
     "href": "https://api.sandbox.paypal.com/v1/notifications/
             webhooks/0E842532SB505363J",
     "rel":"SELF",
     "method":"GET"
    },
    {
     "href": "https://api.sandbox.paypal.com/v1/notifications/
             webhooks/0E842532SB505363J",
     "rel":"UPDATE",
     "method":"PATCH"
    },
    {
     "href": "https://api.sandbox.paypal.com/v1/notifications/
             webhooks/0E842532SB505363J",
     "rel":"DELETE",
     "method":"DELETE"
     }
]
}

After making a payment, you’ll receive in your webhook (https://www.mysite.com/paypal_webhook) an event type with the information of the event type:

{
 "id": "WH-0AF57170N8121644E-6VF27453LH2982421",
 "create_time": “2014-09-25T21:41:28Z",
 "resource_type": "authorization",
 "trigger_event": "PAYMENT.AUTHORIZATION.CREATED",
 "summary": "A payment authorization was created",
 "resource": {
   "id": "0MW879906U0874649",
   "create_time": "2014-09-25T21:39:15Z",
   "update_time": "2014-09-25T21:39:17Z",
   "state": "authorized",
   "amount": {
     "total": “10.00",
     "currency": "USD",
     "details": {
       "subtotal": “10.00"
     }
   },
   "parent_payment": "PAY-0AB48420EF007493KKQVUMBY",
   "valid_until": "2014-07-24T21:39:15Z",
   "links": [
     {
       "href": "https://api.sandbox.paypal.com/v1/payments/
               authorization/0MW879906U0874649",
       "rel": "self",
       "method": "GET"
     },
     {
       "href": "https://api.sandbox.paypal.com/v1/payments/
               authorization/0MW879906U0874649/capture",
       "rel": "capture",
       "method": "POST"
     },
     {
       "href": "https://api.sandbox.paypal.com/v1/payments/
               authorization/0MW879906U0874649/void",
       "rel": "void",
       "method": "POST"
     },
     {
       "href": "https://api.sandbox.paypal.com/v1/payments/
               payment/PAY-0AB48420EF007493KKQVUMBY",
       "rel": "parent_payment",
       "method": "GET"
     }
   ]
 },
 "links": [
   {
     "href": "https://api.sandbox.paypal.com/v1/notfications/
             webhooks-events/WH-0AF57170N8121644E-6VF27453LH2982421",
     "rel": "self",
     "method": "GET"
   },
   {
     "href": "https://api.sandbox.paypal.com/v1/notfications/
             webhooks-events/WH-0AF57170N8121644E-6VF27453LH2982421/
             resend",
     "rel": "resend",
     "method": "POST"
   }
 ]}

In our webhook event, we get all of the information, coupled with useful links, given by the event type. From here, we can perform some operations on the data, update our databases, or launch a process after ensuring the process is done.

Creating and Processing an order using the PayPal REST APIs

By

I am happy to announce that we’ve added the ability to create and process an order to the PayPal REST APIs.

Getting Started

To get started, follow this tutorial. To create and process an order, you can use the following steps:

  1. Create the order.
  2. Get customer approval.
  3. Execute the order.
  4. Authorize an order.
  5. Capture an order.

Creating a PayPal Order indicates that the buyer has consented to the purchase but does not place the funds on hold. After creating the Order, you can capture the order directly without any additional authorization, or you can create an authorization API call to place funds on hold until you are ready to capture. Since the order does not place funds on hold, it is advised that you follow the second approach and create an authorization instead of capturing an Order directly.

This technique is often used by merchants who accept orders for varying items, some of which may not be available for shipment at the time the order is placed (for example: a website that allows customers to buy multiple items from different retailers with different shipping dates, managing the retailer billing as each item ships). Subsequent basic authorizations are made as the items become available. These authorizations ensure that the customer still has the funds available to purchase each item. You can make up to 10 basic authorizations for each Order.

An order is valid for 29 days. Within this period, you can request one or many authorizations to ensure the availably of funds. The sum of the total open authorizations can’t exceed 115% or $75 (whichever is less) of the amount provided to PayPal when the order was created.

To Infinity and Beyond!

Payments have always been very exciting to us and we look forward to see what cool applications you build with these new REST APIs.

As always your feedback is welcome and we look forward to find ways to improve and serve you better.

PayPal Cordova Plugin released

By

With the release of our PayPal Mobile SDK v2 we’ve also published a plugin for Cordova / PhoneGap to make the integration of PayPal in cross-platform projects as easy and intuitive as possible. As you might remember we’ve had a plugin for PhoneGap before which is going to be deprecated in favour of the new SDK. Version 3 adds lots of great functionality like package manager that helps making the life of JavaScript developers easier.

Getting started

To setup the project and install the required dependencies please follow the steps outlined here. The plugin adds 2 files that need to be used in your project cdv-plugin-paypal-mobile-sdk.js and paypal-mobile-js-helper.js.

cdv-plugin-paypal-mobile-sdk.js is a wrapper around the SDK and provides access to the PayPalMobile object. By adding paypal-mobile-js-helper.js you get access to PayPalPayment, PayPalPaymentDetails and PayPalConfiguration which is needed for the client’s configuration.

A basic example implementation can be found here. The example showcases both the usage of simple PayPal payments and our newly added Future Payments which authorize multiple payments.

Feedback

Found any issue or just have general feedback? We’d love to hear about it over here!

Temboo and the PayPal API

By

temboo_vaughn_bioAbout the author: Vaughn Shinall does business development for Temboo, working to connect developers, web services, and more for the next generation of applications.

Want to to use the PayPal and several other APIs without spending hours reading documentation? Then you should know about Temboo. Temboo provides normalized access to over 100 APIs, saving you the effort of learning how to use each one. And that means more time to experiment with new APIs and to focus on the creative side of development instead of reinventing the API wheel. The Temboo

Library contains over 1800 special methods called Choreos (as in choreography) for a wide range of APIs, and in this post I’ll walk you through how to use Temboo to check an account balance with the PayPal API. Once you’ve learned how to use this Choreo, you’re ready to use all our other Choreos for PayPal and every API in our Library–that’s the power of Temboo.

Step 1 – Get A Temboo Account

Go to Temboo.com and enter your email address on the home page. After confirming your email address and setting up an account name and password, you’ll have a free Temboo account with access to everything in our Library.

Step 2 – Find the Choreo in Our Library

temboo_1 Be sure you are logged into your account, and go to our Library page. On the left hand side you’ll see a list of all our APIs. Find PayPal, open the Merchants bundle, and select the Get Balance Choreo.

Step 3 – Test Run A Choreo From Your Browser

temboo_2 On the Choreo page you’ll see all the required inputs for this action. Scroll down the page to see information on the output the API returns for the Choreo, sample code (more on this later), and a description of the Choreo. Back at the top of the page, you can enter the inputs and any optional inputs you choose. In this instance, I’m entering the password, signature, and username from my PayPal developer test account and setting the optional input to 1, indicating that I’m testing this Choreo against the PayPal sandbox. Now I’m ready to run this Choreo from my browser by clicking the Try It Out button. temboo_3 After the Choreo has run, you’ll see that the Output box now shows what the PayPal API’s output. My account balance is zero in US dollars. temboo_4 And immediately below that, you’ll see that the Sample Code has now been updated with all the inputs you entered for this Choreo run. This is code that you can copy and paste into your IDE to incorporate a Choreo directly into your application. (Rather than passing my PayPal password, signature, and username through the code, I’ve used Temboo Credentials to wrap them into one credential called ‘PayPalTest’.) Note that you can also select the programming language that you want the sample code in. temboo_5

Step 4 – Run the Choreo from your IDE

Download the Temboo SDK in the language of your choice, and add it to your IDE. (Our tutorials provide detailed instructions.) Then paste the sample code into your project. For this example I am using our Java SDK and an eclipse, so my code looks like this: temboo_6 Note that the first line of code starts my Temboo session by supplying the following Temboo credentials: my account name, the name of the Temboo Application Key I’m using, and the Application Key itself. (Your Application Keys can be found and managed here.) Then I add the following line to have the API output appear in my console:

System.out.println(getBalanceResults.get_Response());

Now I’m ready to run the project, and I get the following output in my console:

L_AMT0=0.00&L_CURRENCYCODE0=USD&TIMESTAMP=2013-07-01T20:05:11Z
&CORRELATIONID=a2b15b35cf174&ACK=Success&VERSION=56.0&BUILD=6561328

And that’s it! Now you know how to use Temboo to run any of the 21 PayPal Choreos–or the hundreds of other Choreos in our Library. Check out Temboo today to see what you can build with the PayPal API.