cancel
Showing results for 
Search instead for 
Did you mean: 

(SOLVED) permission denied accessing /payments/sale/

Highlighted
Contributor

(SOLVED) permission denied accessing /payments/sale/

Update:

 

I created new sandbox account of time MERCHANT and linked sandbox app to that account, now when OAuth'ing I also get more scopes:

 

"scope":"https://api.paypal.com/v1/payments/.* https://uri.paypal.com/services/payments/refund https://uri.paypal.com/services/applications/webhooks https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/payments/payment/authcapture https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/disputes/read-buyer https://api.paypal.com/v1/vault/credit-card openid https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/realtimepayment

more permissions and the calls work like a charm. It also seems like not/providing secret changes permissions scopes (which makes sense) - which however should imho be noted in the documentation.

 

===========================================

Original Post:

=========================================== 

Hi,

 

I've registered for a webhook 'PAYMENT.SALE.COMPLETED' event which works fine, after buyer confirms his sale my hook get's called and I get a feed on that sale event - the Event validates fine ( Chain Valid / Data Valid ).

 

Now I want to access that sale information via REST API: https://api.sandbox.paypal.com/v1/payments/sale/<resource_id> which does not allow me so; I get a HTTP 403 with

 

{"name":"PERMISSION_DENIED","message":"No permission for the requested operation","information_link":"https://developer.paypal.com/docs/api/payments/#errors","debug_id":"49c78f68d25fd"}

the OAuth token for this call I have created with same Client-ID which received the Event via Webhook.

 

If I am about to execute a /refund on this sale, the API response tells me: HTTP401 Unauthorized

 

And if I want to obtain the Payment information ( parent_payment link ) it yields to HTTP 400 Bad Request and response is

{"name":"UNAUTHORIZED_PAYMENT","message":"Unauthorized payment","information_link":"https://developer.paypal.com/docs/api/payments/#errors","debug_id":"564de30fd2632"}

When using the www.sandbox.paypal.com dashboard I can see all details of the transaction fine.

 

Do I have to ask someone for special permissions on REST API or what could be the issue?

 

any hint appreciated