Friday, August 22, 2014

RESTful WebServices - API Keys


HTTP methods
GET (read), HEAD (like GET but returns only the headers), POST (create), PUT (update/replace), TRACE (diagnostic echo of the request; usually disabled on production servers), DELETE (delete)

API keys are used for
  • Identifying the calling application, so that usage can be attributed and limited (quotas, rate limits)
  • Security: the key (or the client_id/secret pair below) authenticates the application, not an end user, so it must stay server-side and never be shipped in browser or mobile code

API flow sequence
  • Log in to the PayPal developer site - register your application by logging into the PayPal Developer site with a PayPal account and going to the Applications tab.
  • PayPal provides a client_id and secret - you are issued a set of test (sandbox) credentials (‘client_id’ and ‘secret’) that you use to authenticate your API calls with the OAuth 2.0 protocol.
  • Client calls the /token endpoint with client_id and secret - you then obtain an access token for your application by sending a request to the ‘/v1/oauth2/token’ endpoint. The token request itself is authenticated with HTTP Basic Auth using the application credentials obtained above: the ‘client_id’ becomes the user-id and the ‘secret’ the password. With cURL you pass them as -u "client_id:secret" (a secret given on the command line ends up in shell history and is visible to other local users in the process list, so outside of testing read it from a file or environment variable instead).
  • PayPal returns the access token - PayPal, acting as the OAuth 2.0 “authorization server”, verifies the application credentials and returns an access token. The kind of token PayPal issues is a “Bearer Token”; the response also carries a ‘token_type’ field whose value is Bearer, and an ‘expires_in’ value.
  • Client calls the PayPal REST API with the access token - on every API call, put the access token in the ‘Authorization’ header using the following syntax (as defined in the OAuth 2.0 protocol):
Authorization: {tokenType} {accessToken}
    Example: Authorization: Bearer EEwJ6tF9x5...4599F

  • Access token validity and expiration - PayPal-issued access tokens can be used to access all the REST API endpoints. They have a finite lifetime, so you must write code that detects when a token has expired. You can do this either by tracking the ‘expires_in’ value returned in the token response (a lifetime in seconds, so record the time you received it) or by handling the 401 Unauthorized error the API endpoint returns when it sees an expired token; a robust client does both, refreshing shortly before the deadline and retrying once on 401. Anyone holding a bearer token can use it until it expires, so send it only over HTTPS and never write it to logs.
    link: https://developer.paypal.com/docs/integration/direct/paypal-oauth2/
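The whole flow above, end to end, as an added example in Python that is not part of the original post and not PayPal's code: a mock authorization server standing in for the ‘/v1/oauth2/token’ endpoint and one protected API endpoint, and a client that authenticates to it. The endpoint names, the Basic-auth token request, the Bearer header and the expires_in / 401 handling follow the post; the MockAuthServer, ApiClient and FakeClock classes, the credentials, the 3600 s token lifetime and the 60 s refresh margin are assumptions made for the example. It goes a little beyond the post's steps by combining both expiry strategies (proactive refresh driven by expires_in plus a single retry on 401, exercised by revoking the token early) and by showing a wrong secret being rejected.

```python
import base64
import secrets


class FakeClock:  # controllable clock so token expiry can be exercised without sleeping
    def __init__(self, start=1_700_000_000.0): self.now = start
    def __call__(self): return self.now
    def advance(self, seconds): self.now += seconds


class MockAuthServer:
    """Stand-in for PayPal's /v1/oauth2/token plus one protected endpoint (constructed for this
    example, not PayPal's code): opaque bearer tokens with a fixed lifetime, 401 once expired."""
    def __init__(self, client_id, secret, clock, ttl=3600):
        self._clients, self._clock, self.ttl = {client_id: secret}, clock, ttl
        self.tokens = {}  # access_token -> absolute expiry time

    def token_endpoint(self, headers, form):
        """POST /v1/oauth2/token, authenticated with HTTP Basic (client_id:secret)."""
        auth = headers.get("Authorization", "")
        if not auth.startswith("Basic "):
            return 401, {"error": "invalid_client"}
        try:
            client_id, _, secret = base64.b64decode(auth[6:]).decode().partition(":")
        except (ValueError, UnicodeDecodeError):
            return 401, {"error": "invalid_client"}
        expected = self._clients.get(client_id)
        # Constant-time comparison so the secret cannot be guessed byte by byte.
        if expected is None or not secrets.compare_digest(expected.encode(), secret.encode()):
            return 401, {"error": "invalid_client"}
        if form.get("grant_type") != "client_credentials":
            return 400, {"error": "unsupported_grant_type"}
        token = secrets.token_urlsafe(32)
        self.tokens[token] = self._clock() + self.ttl
        return 200, {"access_token": token, "token_type": "Bearer", "expires_in": self.ttl}

    def api_endpoint(self, headers):
        """Protected resource: needs 'Authorization: Bearer <unexpired token>'."""
        scheme, _, token = headers.get("Authorization", "").partition(" ")
        if scheme != "Bearer" or self.tokens.get(token, 0.0) <= self._clock():
            return 401, {"error": "invalid_token"}
        return 200, {"payments": []}


class ApiClient:
    """Client side: Basic-auth token request, cached bearer token, proactive refresh
    driven by expires_in, and a single retry when the API answers 401."""
    REFRESH_MARGIN = 60  # seconds before the deadline at which a new token is fetched

    def __init__(self, server, client_id, secret, clock):
        self._server, self._clock = server, clock
        self._client_id, self._secret = client_id, secret
        self._token, self._expires_at = None, 0.0
        self.token_requests = 0  # observable counter for the refresh behaviour

    def _fetch_token(self):
        # client_id:secret are the user-id:password of HTTP Basic Auth (what curl -u sends).
        creds = base64.b64encode(f"{self._client_id}:{self._secret}".encode()).decode()
        status, body = self._server.token_endpoint(
            {"Authorization": "Basic " + creds}, {"grant_type": "client_credentials"})
        self.token_requests += 1
        if status != 200:
            raise PermissionError(f"token request failed: {status} {body}")
        self._token = body["access_token"]
        # expires_in is a relative lifetime in seconds: pin it to the receipt time, refresh early.
        self._expires_at = self._clock() + body["expires_in"] - self.REFRESH_MARGIN

    def get(self):
        if self._token is None or self._clock() >= self._expires_at:
            self._fetch_token()
        status, body = self._server.api_endpoint({"Authorization": f"Bearer {self._token}"})
        if status == 401:  # token died early (revoked, clock skew): refresh once, retry once
            self._fetch_token()
            status, body = self._server.api_endpoint({"Authorization": f"Bearer {self._token}"})
        if status != 200:
            raise RuntimeError(f"API call failed: {status} {body}")
        return body


def demo():
    """Drive the flow with a fake clock; returns the token-request count after each phase."""
    clock, client_id, secret = FakeClock(), "example-client-id", "example-secret"  # constructed
    server = MockAuthServer(client_id, secret, clock, ttl=3600)
    client = ApiClient(server, client_id, secret, clock)
    client.get()                 # first call fetches a token
    clock.advance(1800)
    client.get()                 # still valid: token reused
    after_reuse = client.token_requests
    clock.advance(1800)          # 3600 s after issue: past the refresh margin
    client.get()
    after_expiry = client.token_requests
    server.tokens.clear()        # simulate server-side revocation before expires_in elapses
    client.get()                 # API answers 401 -> refresh and retry succeed
    after_revoke = client.token_requests
    try:
        ApiClient(server, client_id, "wrong-secret", clock).get()
        wrong_secret_rejected = False
    except PermissionError:
        wrong_secret_rejected = True
    return after_reuse, after_expiry, after_revoke, wrong_secret_rejected
```

demo() returns the number of token requests after the reuse, expiry and revocation phases (1, 2 and 3) followed by True for the rejected secret. Against the real sandbox, token_endpoint becomes an HTTPS POST to the post's ‘/v1/oauth2/token’ endpoint with the same Basic header and form body, and api_endpoint becomes the actual REST call; the caching, refresh and retry logic in ApiClient stays the same.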
