I posted this question on stackoverflow. After 9 days it had more than 20 views but no answers. I makes me wonder if this approach to creating subscriptions is being used by anyone, even though PayPal recommends it. Thanks for any help. I am really really stuck.
The example shows how to make an HTTP call using curl. That is not an option for me (for reasons that are too long to go into). My understanding is that it is an ordinary HTTP call that can be made from any client. There isn't a fatal flaw in that reasoning, is there? My only options are JavaScript and .Net.
My JavaScript code is as follows. As far as I can tell it perfectly matches the curl example that PayPal gives. Note that in a previous step I loaded the variable myJson with the Json structure from the example at the above PayPal URL. The variable is then used in xhttp.send(myJson):
var xhttp = new XMLHttpRequest(); xhttp.onreadystatechange = function () { if (this.readyState == 4 && this.status == 200) { console.log(xhttp.responseText); } }; xhttp.open("post", "https://api.sandbox.paypal.com/v1/payments/billing-plans/", false); xhttp.setRequestHeader("Content-type", "application/json"); xhttp.setRequestHeader("Authorization", "Bearer A21AAGmdTiDvfvUmaaCAten63De5gSd8mBkkHY1KoeOzN5USgucVo1A9t1wXZeIw1UciyDcMKzCL8H43G_7ECPKI2BBO_l_Sw"); xhttp.send(myJson); console.log(xhttp.status)
The access code shown in the Authorization Header was obtained using Postman, just as PayPal directs, with the sandbox URL and my sandbox client_id and secret. (Also, in the actual code it is on the same line with Bearer, separated by a space. As shown here, the stack overflow editor wraps it to a new line.)
When I run this, I get an HTTP 403 error. When I Google 403 I get: 403 Forbidden. The client does not have access rights to the content, i.e. they are unauthorized, so server is rejecting to give proper response. Unlike 401, the client's identity is known to the server.
Can anybody help? I've been on this for a couple of days and I'm stumped. Thanks 🙂
