New to the community? Welcome! Please read our Community Rules and Guidelines
If you want to report illegal content under the EU Digital Services Act, please do so here
Update:
I created new sandbox account of time MERCHANT and linked sandbox app to that account, now when OAuth'ing I also get more scopes:
"scope":"https://api.paypal.com/v1/payments/.* https://uri.paypal.com/services/payments/refund https://uri.paypal.com/services/applications/webhooks https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/payments/payment/authcapture https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/disputes/read-buyer https://api.paypal.com/v1/vault/credit-card openid https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/realtimepayment
more permissions and the calls work like a charm. It also seems like not/providing secret changes permissions scopes (which makes sense) - which however should imho be noted in the documentation.
===========================================
Original Post:
===========================================
Hi,
I've registered for a webhook 'PAYMENT.SALE.COMPLETED' event which works fine, after buyer confirms his sale my hook get's called and I get a feed on that sale event - the Event validates fine ( Chain Valid / Data Valid ).
Now I want to access that sale information via REST API: https://api.sandbox.paypal.com/v1/payments/sale/<resource_id> which does not allow me so; I get a HTTP 403 with
{"name":"PERMISSION_DENIED","message":"No permission for the requested operation","information_link":"https://developer.paypal.com/docs/api/payments/#errors","debug_id":"49c78f68d25fd"}
the OAuth token for this call I have created with same Client-ID which received the Event via Webhook.
If I am about to execute a /refund on this sale, the API response tells me: HTTP401 Unauthorized
And if I want to obtain the Payment information ( parent_payment link ) it yields to HTTP 400 Bad Request and response is
{"name":"UNAUTHORIZED_PAYMENT","message":"Unauthorized payment","information_link":"https://developer.paypal.com/docs/api/payments/#errors","debug_id":"564de30fd2632"}
When using the www.sandbox.paypal.com dashboard I can see all details of the transaction fine.
Do I have to ask someone for special permissions on REST API or what could be the issue?
any hint appreciated