Permissions error on button manager API
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm unable to access the BMButtonSearch function in the sandbox environment. The same code seems to work fine in the live environment.
I get an error like this:
{'ACK': 'Failure', 'BUILD': '53816562', 'L_SHORTMESSAGE': ['Authentication/Authorization Failed'], 'L_LONGMESSAGE': ['You do not have permissions to make this API call'], 'CORRELATIONID': '5eab876ee733', 'L_ERRORCODE': ['10002'], 'L_SEVERITYCODE': ['Error'], 'TIMESTAMP': '2020-02-17T21:16:39Z', 'VERSION': '71.0'}
But when I inspect my access token with the GetPermissions API, it appears to have the correct scope:
{ "responseEnvelope": { "correlationId": "11a53d1044253", "ack": "Success", "build": "identitypermissionserv-0.0.4_20190823141321487", "timestamp": "2020-02-17T13:17:34.451-08:00" }, "scope": [ "BUTTON_MANAGER" ] }
Has something changed in the sandbox that's preventing access?
- Labels:
-
API
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Thank you for posting to the PayPal Merchant Technical Support Community.
The Button Manager API for new integrations was deprecated, however, you can still use it in Sandbox.
There are a few reasons you may be receiving a Permissions Errors:
- You are pointed to Sandbox Servers and using Live API Credentials (Verify you are using Sandbox credentials)
- You have not granted 3rd Party Permissions to your app in Sandbox
Thank you,
Jennifer
PayPal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jennifer,
I'm able to use this access token to call GetPermissions on the sandbox, so it seems to be a valid sandbox credential. I used https://svcs.sandbox.paypal.com/Permissions/GetPermissions to make that call, and https://api-3t.sandbox.paypal.com/nvp to make the button manager call.
I've verified that the GetPermissions call includes BUTTON_MANAGER scope, and I also verified that logging in to the sandbox and managing my granted permissions says that I have granted "Create and manage PayPal payment buttons on your website" to my sandbox app.
Any other suggestions?
Thanks,
Kevin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kevin,
Can you please comment your merchant id on your sandbox account? I can look at a few settings on your sandbox account.
Thanks,
Jennifer
PayPal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kevin,
I verified that you did grant the correct permissions to a specific user:
BMCreateButton, BMUpdateButton, BMManageButtonStatus, BMGetButtonDetails, BMSetInventory, BMGetInventory, BMButtonSearch |
Can you do me a favor and change the API credentials to the same API Credentials that belong to the Sandbox Account that you commented and see if you receive the same error.
Also please note I did a search and found that the Hosted Buttons for that sandbox account were created in 2018 so make sure your start date is 2018-01-01T05:38:48Z
Thank you,
Jennifer
PayPal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I confirmed that I was able to access BMButtonSearch using the API credentials for that user.
Just to make sure, I tried getting another access token for that user. I'm still unable to access it using that token:
{'ACK': 'Failure', 'BUILD': '53816562', 'L_SHORTMESSAGE': ['Authentication/Authorization Failed'], 'L_LONGMESSAGE': ['You do not have permissions to make this API call'], 'CORRELATIONID': 'c925f629d5f89', 'L_ERRORCODE': ['10002'], 'L_SEVERITYCODE': ['Error'], 'TIMESTAMP': '2020-02-20T18:38:17Z', 'VERSION': '71.0'}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kevin,
Thank you for posting the fresh logs. The back end server is throwing an error that the signature is invalid. For your API caller, make sure that when you are pasting in the signature there are no spaces before or after. Also you may want to do a var dump to make sure that the signature information is not being changed with the API Caller.
Thank you,
Jennifer
PayPal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jennifer,
I confirmed there are no extra spaces in the credentials, and that the buttons created are after the search date.
I wrote a script using the PHP SDK that I can reproduce the issue with:
<?php
require 'vendor/autoload.php';
use PayPal\PayPalAPI\BMButtonSearchReq;
use PayPal\PayPalAPI\BMButtonSearchRequestType;
use PayPal\Service\ButtonManagerService;
use PayPal\Service\PermissionsService;
use PayPal\Types\Perm\GetAccessTokenRequest;
use PayPal\Types\Perm\RequestPermissionsRequest;
$config = array(
"mode" => "sandbox",
'log.LogEnabled' => true,
'log.FileName' => 'PayPal.log',
'log.LogLevel' => 'FINE',
"acct1.UserName" => "*****",
"acct1.Password" => "*****",
"acct1.Signature" => "*****",
);
// Create request token for permissions
$scope = 'BUTTON_MANAGER';
$returnURL = 'http://localhost:8888';
$permissionsRequest = new RequestPermissionsRequest($scope, $returnURL);
$permissions = new PermissionsService($config);
$permissionsResponse = $permissions->RequestPermissions($permissionsRequest);
$requestToken = $permissionsResponse->token;
echo "Go to this URL and log in: https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_grant-permission&request_token=" . urlencode($requestToken) . "\n";
$callbackURL = readline("Paste back the resulting URL:\n");
$callbackURL = parse_url($callbackURL);
parse_str($callbackURL['query'], $query);
// Create access token and secret
$tokenRequest = new GetAccessTokenRequest();
$tokenRequest->token = $query['request_token'];
$tokenRequest->verifier = $query['verification_code'];
$tokenResponse = $permissions->GetAccessToken($tokenRequest);
$config['acct1.accessToken'] = $tokenResponse->token;
$config['acct1.tokenSecret'] = $tokenResponse->tokenSecret;
// Search for buttons using access token
$buttonSearchRequest = new BMButtonSearchRequestType();
$buttonSearchRequest->StartDate = '1990-01-01T00:00:00Z';
$buttonSearchReq = new BMButtonSearchReq();
$buttonSearchReq->BMButtonSearchRequest = $buttonSearchRequest;
$paypalService = new ButtonManagerService($config);
$buttonSearchResponse = $paypalService->BMButtonSearch($buttonSearchReq);
var_dump($buttonSearchResponse);
?>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jennifer,
I noticed that at 17:04:58 UTC today I was able to get a successful response back from the button manager API.
But when I went to try it again at 18:12:39, it's back to the same error message: "You do not have permissions to make this API call".
Any ideas?
Thanks,
Kevin
- « Previous page
-
- 1
- 2
- Next page »
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- Change the button from Sandbox to Production in REST APIs
- Encrypted subscription button has stopped working in NVP/SOAP APIs
- Authorization failed due to insufficient permissions in PayPal Payments Standard
- Manage shopping cart button page changes worst format in 22 years! in PayPal Payments Standard
- Paypal Button update: "Access Denied... You don't have permission to access "/us/cgi-bin/webscr..." in PayPal Payments Standard