I am thinking of developing a simple web app to enable PayPal merchants to receive payments from their customers. Merchants manage their own API credentials (REST API: client id and secret; that's all). They invite their own customers (users) who will log in with a simple 6-digit numeric access key and make payments to the merchant. A unique access Key is associated with a merchant. All this web app does is facilitate merchants to add their REST API credentials (client id and secret) to a data store and when customers attempt to pay, web app reads the credentials from the data store, make REST api calls (using the REST SDK) to complete the payment which involves payment approval from customer on the PayPal's own login and approval screens. My question is: 1. Does this scenario call for Permissions service usage? 2. Does this web app need any approvals or permissions from PayPal?
... View more