Hello!
I'm using HATEOAS links from PayPal capture object to issue full or partial refunds. Today this operation started failing (in sandbox environment) with the following error:
{"issue":"NOT_AUTHORIZED","description":"Authorization failed due to insufficient permissions."}
I checked the access token and found out that it doesn't have V2 API scopes for some reason.
Refund link looks like this: https://api.sandbox.paypal.com/v2/payments/captures/***********/refund
Access token scopes are: https://uri.paypal.com/services/payments/futurepayments https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/disputes/update-seller openid https://uri.paypal.com/services/disputes/read-seller https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks
Notice that scopes have V1 payment APIs listed but not V2.
Again this is a sandbox environment, I'm not sure if the same problem is affecting production. Is there any explanation for this?
Sincerely,
Ilya
