I am using the REST APIs to execute payments. I know that the documented steps are:
- Create a payment
- Redirect the user to the Payal approval URL obtained from the payment creation
- The user enters payment information and is redirected to the return URL
- Execute the payment unless it has been canceled by the user
After the payment is executed, it is possible to retrieve the payment once again and check that the payment status is 'approved' and the state of the sale now available in the payment is 'completed'.
Is this all that needs to be done for me to assume that I will get the money and update my back office? Or should I only update my back office once I receive the PAYMENT.SALE.COMPLETED (which implies more development on my side, of course)?
According to this answer on stackoverflow:
"At the moment where you (in your success URL) do $payment->execute($paymentExecution,$api); , you ask Paypal to charge the amount from user. BUT also after this, you got no Money. Paypal have first to process the charging and notify you later via WebhookEvents. The Webhook Notification (with that nasty delay) is especially important when the user pays per direct debit or Credit Card etc. Processing such Payments takes few seconds/minutes. [...] so i would recommend you to update your Database(Payment completed) only after receiving notofications via WebhookEvent Listener and not in the success RedirectUrl."
Do you approve of this recommendation? Can the payment execution take so long that it is better to wait for the event notification in a webhook?
