Order capture started to return 403 after account type was changed from personal to business

rikus23
Contributor
Contributor
Posted on
‎Nov-20-2023 09:47 AM

We have a JavaScript-based web UI which imports the PayPal buttons using the following HTML tag:

 

<script src="https://www.paypal.com/sdk/js?client-id=clientId"></script>

 

A customer uses said buttons to make a purchase.

Both the order creation and capture are forwarded to our backend where REST requests are made to these endpoints:

  1. POST https://api-m.sandbox.paypal.com/v2/checkout/orders/
  2. POST https://api-m.sandbox.paypal.com/v2/checkout/orders/:orderId/capture

 

Everything worked nicely. But around the time I upgraded this PayPal account, which is hosting our developer sandbox, from personal to business, the requests for capture started returning:

{
    "name": "NOT_AUTHORIZED",
    "details": [
        {
            "issue": "PERMISSION_DENIED",
            "description": "You do not have permission to access or perform operations on this resource."
        }
    ],
    "message": "Authorization failed due to insufficient permissions.",
    "debug_id": "c0cc02787b8d5",
    "links": [
        {
            "rel": "information_link"
        }
    ]
}

I followed the instructions from here and created a new app with new client ID and secret to test with. But it didn't help, the problem persists. Any ideas how to move forward?

I think there's likely something wrong with the sandbox itself, but I've already enabled all features for the sandbox app. So I don't know what else to do.
Login to Me Too
0 Kudos
Login to Reply or Kudo
5 REPLIES 5

Kavyar
Moderator
Moderator
‎Nov-21-2023 03:31 AM

Good day @rikus23 

 

Thank you for posting to the PayPal community.

 

I kindly suggest you check the API credentials you are currently using. It is important to note that your LIVE account API credentials can only be used within your LIVE environment, while your SANDBOX account API credentials can only be used within your SANDBOX environment. The credentials are not interchangeable between the two environments.

 

For more information, kindly refer to the detailed guide link below:

 

https://developer.paypal.com/api/rest/authentication/

https://developer.paypal.com/api/rest/postman/ 

 

I would recommend ensuring that you use the same SANDBOX  REST API Credentials(Client ID & Secret) when executing both the create order API and the capture order API.

 

Can you please try now by creating a new order and capture the order with the same API credentials.

 

If your still facing issues, please create an MTS ticket via - https://www.paypal-support.com/s/?language=en_US  with the detailed information and error details.

 

Sincerely,

Kavya

PayPal MTS

 

If this post or any other was helpful, please enrich the community by giving kudos or accepting it as a solution.

Login to Me Too
0 Kudos
Login to Reply or Kudo

rikus23
Contributor
Contributor
‎Nov-21-2023 11:10 AM

It is my deeply held view that I am already creating and capturing the order with the same set of client ID and secret from within the same sandbox.
The PayPal buttons module is injected with the sandbox's client ID like this:

 

  <script src="https://www.paypal.com/sdk/js?client-id=AYc..."></script>

 

Then, using the same client ID and its secret, the order creation is authorized in the backend like so:

 

var authString = $"{_clientId}:{_clientSecret}";
var base64AuthString = Convert.ToBase64String(Encoding.ASCII.GetBytes(authString));
_httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64AuthString);
_httpClient.BaseAddress = new Uri($"{_paypalUrl}checkout/orders/");

 

After order creation, the user is prompted to accept the order in the frontend. After which the PayPal module from the script tags returns a facilitatorAccessToken, which is used to authorise the capture request, like so:

 

_httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
_httpClient.BaseAddress = new Uri($"{_paypalUrl}checkout/orders/{orderId}/capture");

 

After which the capture endpoint returns 403.
We haven't changed application code. But still it doesn't work. And to make things clear, we're using the sandbox: "https://api-m.sandbox.paypal.com/v2/"

Login to Me Too
0 Kudos
Login to Reply or Kudo

Kavyar
Moderator
Moderator
‎Nov-27-2023 06:04 AM

Good day @rikus23 

 

I kindly request that you create an MTS ticket by using the provided  https://www.paypal-support.com/s/?language=en_US link. Please ensure that the ticket includes detailed information and error details.

 

Sincerely,

Kavya

PayPal MTS

Login to Me Too
0 Kudos
Login to Reply or Kudo

Adverthouse
Member
Member
‎Dec-08-2023 03:34 AM

I have same problem here and getting 403 error !! This is very meaningless. System creating order but not getting capture

Login to Me Too
0 Kudos
Login to Reply or Kudo

Adverthouse
Member
Member
‎Dec-08-2023 03:41 AM

@Kavyar  There are millions of same problem in paypal 403 ???? What does it mean ? Why don't you fix that ????   Why you don't gave a .net core sdk properly ? 

Login to Me Too
0 Kudos
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.