PayPal Community

Kreigher · ‎May-03-2020

Hi guys, i am developing an app where merchant can sign in and sell products. In your opinion what's the best implementation i can do, so merchants can enable paypal in their profile? I think that asking them to get client id and secret to enable api is a very bad solution (i have to save it in database too). Is there some flow where i use my own app credentials and enable merchant payment? Or some other solutions? Thanks.

randavis · ‎May-03-2020

My understanding is that if you accept payments on behalf of multiple clients and then distribute funds appropriately that PayPal will consider you to be a marketplace which they do not allow! Plus if your app is really a SaaS, you will probably want to support many different processors (ex Authorize.net, Square API, ...)

As for storing their credentials in a DB, I do not see that being a problem - just make sure to store them with a salted encryption implementation. Also, make sure that you have a unique salt value for these (do not use the salt value that you would use for passwords as an example)

Kreigher · ‎May-03-2020

Well i don't need to receive it on behalf of customers (even if companies like deliveroo or just eat do that :D). Imagine a customer that has a backend profile configurator where he can enable or not paypal as payment. This is my case, i should ask for them to put client id and secret then encrypt them? There is not other solutions?

randavis · ‎May-03-2020

If you have multiple customers - each will have their own credentials obviously.

Your choices are to store them or have the customer send in their credentials at the start of their session. Your server can get the authorization token that can be used for all of the subsequent transactions until the token expires.

So yes, your choices come down to storing them or forcing the customers to submit them at the start of their session....

PayPal Community

Best paypal implementation

Haven't Found your Answer?