Hello, I am trying to setup a hosted fields payment checkout but get an error ``` Payment could not be captured! {"name":"NOT_AUTHORIZED","details":[{"issue":"PERMISSION_DENIED","description":"You do not have permission to access or perform operations on this resource."}],"message":"Authorization failed due to insufficient permissions.","debug_id":"f74667379ba92","links":[{"href":"https://developer.paypal.com/docs/api/orders/v2/#error-PERMISSION_DENIED","rel":"information_link"}]} ``` https://cors.api.sandbox.paypal.com/v2/checkout/orders/skljnf94545vmnkjd-rnj1/confirm-payment-source returns a 403 error The createOrder seems to work fine but I would say it fails when capturing. I use the following code ``` <script src="https://www.paypal.com/sdk/js?components=buttons,hosted-fields&debug=true&intent=capture&client-id={$PAYPAL_CLIENT_ID}" data-client-token="{$paypal_token}"></script> <script> // If this returns false or the card fields aren't visible, see Step #1. if (paypal.HostedFields.isEligible()) { let orderId; // Renders card fields paypal.HostedFields.render({ // Call your server to set up the transaction createOrder: () => { return fetch("/checkout-create-order", { method: "POST", headers: { "Content-Type": "application/json", }, // use the "body" param to optionally pass additional order information like // product ids or amount. body: JSON.stringify({ purchase_units: [ { amount: { currency_code: "USD", value: "100.00" }, reference_id: "***********" } } ], payer: { email_address: "**********" }, intent: "CAPTURE", payment_source: { paypal: { experience_context: { payment_method_preference: "IMMEDIATE_PAYMENT_REQUIRED", payment_method_selected: "PAYPAL", brand_name: "EXAMPLE INC", locale: "en-US", landing_page: "BILLING", shipping_preference: "SET_PROVIDED_ADDRESS", user_action: "PAY_NOW", return_url: "https://www.website.co.uk/returnUrl", cancel_url: "https://www.website.co.uk/cancelUrl" } } } }) }) .then((res) => res.json()) .then((orderData) => { orderId = orderData.id; // needed later to complete capture return orderData.id }) .catch((err) => { // Here handle error alert(err); }); }, styles: { '.valid': { color: 'green' }, '.invalid': { color: 'red' } }, fields: { number: { selector: "#card-number", placeholder: "4111 1111 1111 1111" }, cvv: { selector: "#cvv", placeholder: "123" }, expirationDate: { selector: "#expiration-date", placeholder: "MM/YY" } } }).then((cardFields) => { document.querySelector("#card-form").addEventListener("submit", (event) => { event.preventDefault(); cardFields .submit({ // Cardholder's first and last name cardholderName: document.getElementById("card-holder-name").value, // Billing Address billingAddress: { // Street address, line 1 streetAddress: document.getElementById( "card-billing-address-street" ).value, // Street address, line 2 (Ex: Unit, Apartment, etc.) extendedAddress: document.getElementById( "card-billing-address-unit" ).value, // State region: document.getElementById("card-billing-address-state").value, // City locality: document.getElementById("card-billing-address-city") .value, // Postal Code postalCode: document.getElementById("card-billing-address-zip") .value, // Country Code countryCodeAlpha2: document.getElementById( "card-billing-address-country" ).value, }, }) .then(() => { fetch('/checkout-capture-order/' + data.orderID, { method: "POST", }) .then((res) => res.json()) .then((orderData) => { console.log("sssssssssssss"); // Two cases to handle: ?order=${orderId} // (1) Non-recoverable errors -> Show a failure message // (2) Successful transaction -> Show confirmation or thank you // This example reads a v2/checkout/orders capture response, propagated from the server // You could use a different API or structure for your 'orderData' var errorDetail = Array.isArray(orderData.details) && orderData.details[0]; if (errorDetail) { var msg = "Sorry, your transaction could not be processed."; if (errorDetail.description) msg += "\n\n" + errorDetail.description; if (orderData.debug_id) msg += " (" + orderData.debug_id + ")"; return alert(msg); // Show a failure message } // Show a success message or redirect alert("Transaction completed!"); }); }) .catch((err) => { alert("Payment could not be captured! " + JSON.stringify(err)); }); }); }); } else { // Hides card fields if the merchant isn't eligible document.querySelector("#card-form").style = 'display: none'; } ``` Whenever I click the pay button I get permission denied. I checked the account has acdc (card payment) enabled, but apart from that I am not sure what permission I am supposed to look at Can anyone suggest something? Thanks
... View more