PERMISSION_DENIED trying to refund capture in live mode

79ware
Contributor
Contributor
Posted on
‎Nov-13-2024 07:39 AM

In rest v2 using sandbox accounts, I can successfully Authorize, Capture and then Refund a Payment to a 3rd party specified in the payee object (when the order is created). When I try to do the same in live, I can Capture the payment, but for the Refund get "PERMISSION_DENIED You do not have permission..." Alternatively trying to provide the payee in a "Paypal-Auth-Assertion" header at Authorize step, works again in sandbox, but in live fails at the Authorize step with "resource does not exist."

 

Notes:

  • It is frustrating that the sandbox does not simulate the same permissions as live.
  • I am trying to re-create what we had been able to do with ExpressCheckout by putting the payee into the SIGNATURE field, and having the Payee add us to their Third Party API Permissions. I assume the Third Party API Permissions screen applies exclusively to the old SOAP APIs. Can someone clearly outline or direct me to the simplest steps to accomplish this with the Rest API?
Login to Me Too
Login to Reply or Kudo
1 REPLY 1

79ware
Contributor
Contributor
‎Nov-17-2024 02:07 PM

After a lot of digging, and trial-and-error testing, I seem to have been able to get the REST API Advanced PayPal Checkout flow Create+Authorize+Capture+Refund to work.

 

Additional background notes:

  • The failing Refund was not limited to live mode as I previously thought, but also failed in sandbox IF the sandbox accounts came from different PayPal business accounts. Using sandbox accounts from within the same developer account seems to ignore permissions.
  • Despite suggestions that 3rd Party API credentials need to be established here, I still see no clear link between the 3rd Party API Permissions and the REST API. Maybe someone can confirm this.
  • Becoming a PayPal Partner may not be necessary here. In any case, it's probably a good idea (and look forward to understanding it better)--just feels a little backwards (it wasn't necessary with ExpressCheckout) and bureaucratic (redundant questioning) at this point.

 

The REST API steps that have worked:

  1. Include the 3rd party payee merchant ID in the Javascript configuration that is loading the payment buttons.
  2. Create: /v2/checkout/orders - include the payee merchant id in the order's payee object.
  3. Authorize: /v2/checkout/orders/ORDERID/authorize - DO NOT include the PayPal-Auth-Assertion header.
  4. Capture: /v2/payments/authorizations/AUTHORIZATIONID/capture - PayPal-Auth-Assertion does not seem to matter here.
  5. Refund: /v2/payments/captures/CAPTUREID/refund - DO include PayPal-Auth-Assertion with the payee merchant id.

Also, Void: /v2/payments/authorizations/AUTHORIZATIONID/void - does not seem to require PayPal-Auth-Assertion.

Login to Me Too
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.