- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sending a request using the following code:
$api_request = 'USER=' . urlencode('ouruser') . '&PWD=' . urlencode('ourpass') . '&SIGNATURE=' . urlencode('oursignature') . '&VERSION=76.0' . '&METHOD=ManageRecurringPaymentsProfileStatus' . '&PROFILEID=' . urlencode($subId) . '&ACTION=' . urlencode('Cancel') . '&NOTE=' . urlencode( 'Profile cancelled by PSGADMIN' ); $ch = curl_init(); curl_setopt( $ch, CURLOPT_URL, 'https://api-3t.paypal.com/nvp' ); curl_setopt( $ch, CURLOPT_VERBOSE, 1 ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt( $ch, CURLOPT_POST, 1 ); curl_setopt( $ch, CURLOPT_POSTFIELDS, $api_request ); $response = curl_exec( $ch );
Sending using PHP and the response I get back looks likje:
Array ( [TIMESTAMP] => 2018-02-08T15:05:39Z [CORRELATIONID] => 44f5a6f13e3b8 [ACK] => Failure [VERSION] => 76.0 [BUILD] => 39206242 [L_ERRORCODE0] => 10002 [L_SHORTMESSAGE0] => Security error [L_LONGMESSAGE0] => Security header is not valid [L_SEVERITYCODE0] => Error )
I have double and triple checked the credentials we're sending (above I have just said ouruser, ourpass etc) but what could be triggering this error?
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can clear any doubt by making a call directly to the ExpressCheckout endpoint using your API credentials. If it fails then there is something in your API credentials but if it is successful like I think then something in your integration/module is not passing the correct API credentials to PayPal.
Just run the html form below into your browser and replace the API credentials with yours. Then click the button "SetExpressCheckout" at the bottom and see the result, you can see that you are making a basic SetExpressCheckout API call towards the live endpoint https://api-3t.paypal.com/nvp:
<form method="post" action="https://api-3t.paypal.com/nvp">
API Username: <input type="text" name="USER" value="uk-3xxxx"> <br>
API Password: <input type="text" name="PWD" value="D25xxxxx"> <br>
API Signature: <input type="text" name="SIGNATURE" value="A7yWAlFxxxx"> <br>
Version: <input type="text" name="VERSION" value="204"> <br>
Paymentaction: <input type="text" name="PAYMENTREQUEST_0_PAYMENTACTION" value="sale"> <br>
Amount: <input type="text" name="PAYMENTREQUEST_0_AMT" value="7.50"> <br>
Item Amount: <input type="text" name="PAYMENTREQUEST_0_ITEMAMT" value="7.50"> <br>
Currency: <input type="text" name="PAYMENTREQUEST_0_CURRENCYCODE" value="USD"> <br>
ReturnURL: <input type="text" name="returnUrl" value="http://www.mywebsite.com/success.html"> <br>
CancelURL: <input type="text" name="cancelUrl" value="http://www.mywebsite.com/cancel.html"> <br>
SolutionType: <input type="text" name="solutiontype" value="Sole"> <br>
<br>
<input type="submit" name="METHOD" value="SetExpressCheckout"> <br>
</form>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey there, removed the URL encoding and still get the same error. I had also posted this to sandbox to see if I had the credentials mixed up but I get the same error. Anyway, with urlencode removed I get:
Array ( [TIMESTAMP] => 2018-02-13T00:41:47Z [CORRELATIONID] => 442f8cee5e57 [ACK] => Failure [VERSION] => 76.0 [BUILD] => 39206242 [L_ERRORCODE0] => 10002 [L_SHORTMESSAGE0] => Security error [L_LONGMESSAGE0] => Security header is not valid [L_SEVERITYCODE0] => Error )
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also, it would be good to review the RAW request that includes the actual values being sent to PayPal so you can compare with the values that you're expecting to have there.
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can clear any doubt by making a call directly to the ExpressCheckout endpoint using your API credentials. If it fails then there is something in your API credentials but if it is successful like I think then something in your integration/module is not passing the correct API credentials to PayPal.
Just run the html form below into your browser and replace the API credentials with yours. Then click the button "SetExpressCheckout" at the bottom and see the result, you can see that you are making a basic SetExpressCheckout API call towards the live endpoint https://api-3t.paypal.com/nvp:
<form method="post" action="https://api-3t.paypal.com/nvp">
API Username: <input type="text" name="USER" value="uk-3xxxx"> <br>
API Password: <input type="text" name="PWD" value="D25xxxxx"> <br>
API Signature: <input type="text" name="SIGNATURE" value="A7yWAlFxxxx"> <br>
Version: <input type="text" name="VERSION" value="204"> <br>
Paymentaction: <input type="text" name="PAYMENTREQUEST_0_PAYMENTACTION" value="sale"> <br>
Amount: <input type="text" name="PAYMENTREQUEST_0_AMT" value="7.50"> <br>
Item Amount: <input type="text" name="PAYMENTREQUEST_0_ITEMAMT" value="7.50"> <br>
Currency: <input type="text" name="PAYMENTREQUEST_0_CURRENCYCODE" value="USD"> <br>
ReturnURL: <input type="text" name="returnUrl" value="http://www.mywebsite.com/success.html"> <br>
CancelURL: <input type="text" name="cancelUrl" value="http://www.mywebsite.com/cancel.html"> <br>
SolutionType: <input type="text" name="solutiontype" value="Sole"> <br>
<br>
<input type="submit" name="METHOD" value="SetExpressCheckout"> <br>
</form>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Received an error. I'll get in there and see about API credentials again today. Maybe I'm using the wrong ones. I logged into my personal business account and got the API credentials and they worked fine in this test. I'll have to get my bosses to check their account again for me.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just wanted to update on this - apparently Paypal API keys last for three years (at least the NVP/SOAP ones) and ours was generated 6 years ago. Generated new ones and it worked fine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi I've run the form, with fresh credentials and still get the error
Security%20header%20is%20not%20valid
TIMESTAMP=2018%2d12%2d01T00%3a10%3a55Z&CORRELATIONID=8606a202f333&ACK=Failure&VERSION=204&BUILD=000000&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Security%20error&L_LONGMESSAGE0=Security%20header%20is%20not%20valid&L_SEVERITYCODE0=Error
What to try now?
Thanks Aaron
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi I've run the form, with a new credentials and get ths message:
TOKEN=EC%2d3K937197PC0555901&TIMESTAMP=2019%2d08%2d03T00%3a23%3a14Z&CORRELATIONID=fd779b97f6d01&ACK=Success&VERSION=204&BUILD=53374502
what now?
how can I pass card information for complete the purchase?
what parameters I need to use?
can you help me please
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- Need help to integrate PayPal Checkout (PPCP) with OpenCart? in PayPal Upgrade Community
- I'm getting error once user try to pay via PayPal - NVP/SOAP Api Integration in NVP/SOAP APIs
- Problem setting up Third-Party API Users in NVP/SOAP APIs
- I Have PayPal API Billing Authentication Failure Python-Flask in REST APIs
- Direct credit card payment not working in paypal codeigniter in PayPal Payments Standard