Integration Guide
Table Of Contents
- PayPal Express Checkout Integration Guide
- Contents
- Preface
- Getting Started With Express Checkout
- Express Checkout User Interface Requirements
- Related API Operations
- Integrating Express Checkout With PayPal SDKs
- Going Live With Your Express Checkout Integration
- Obtaining API Credentials
- PayPal Name-Value Pair API Basics
- PayPal SOAP API Basics
- PayPal WSDL/XSD Schema Definitions
- PayPal SOAP API Definitions
- Security
- SOAP RequesterCredentials: Username, Password, Signature, and Subject
- SOAP Service Endpoints
- SOAP Request Envelope
- Request Structure
- SOAP Message Style: doc-literal
- Response Structure
- Error Responses
- CorrelationID for Reporting Problems to PayPal
- UTF-8 Character Encoding
- Date/Time Formats
- Core Currency Amount Data Type
Express Checkout Integration Guide August 7, 2012 25
Getting Started With Express Checkout
Troubleshooting Your Express Checkout Integration
7. Review the response string from the DoExpressCheckoutPayment API operation.
If the operation was successful, the response should include ACK set to Success, as
follows:
TIMESTAMP=2007%2d04%2d05T23%3a30%3a16Z
&CORRELATIONID=333fb808bb23
ACK=Success
&VERSION=XX%2e000000
&BUILD=1%2e0006
&TOKEN=EC%2d1NK66318YB717835M
&PAYMENTREQUEST_0_TRANSACTIONID=043144440L487742J
&PAYMENTREQUEST_0_TRANSACTIONTYPE=expresscheckout
&PAYMENTREQUEST_0_PAYMENTTYPE=instant
&PAYMENTREQUEST_0_ORDERTIME=2007%2d04%2d05T23%3a30%3a14Z
&PAYMENTREQUEST_0_AMT=19%2e95
&PAYMENTREQUEST_0_CURRENCYCODE=USD
&PAYMENTREQUEST_0_TAXAMT=0%2e00
&PAYMENTREQUEST_0_PAYMENTSTATUS=Pending
&PAYMENTREQUEST_0_PENDINGREASON=authorization
&PAYMENTREQUEST_0_REASONCODE=None
Security Issues
You must always be concerned with protecting sensitive data. This not only includes your API
credentials, but also any data exposed in a client’s browser, such as data about the transaction
stored in cookies.
In the simplest examples, such as the ones provided by PayPal to demonstrate Express
Checkout usage, the API credentials may be exposed. Thus, if you copy code from
examples or SDKs, you should always review your website for security issues and correct
them before you go live with your website.
Encrypt all saved information related to the PayPal transaction. For example, if you keep
order status information in a cookie, make sure the information is encrypted.
Use a secure transmission protocol, such as HTTPS to transfer information between your
site and PayPal. Do not use HTTP or insecure cURL.
Troubleshooting Your Express Checkout Integration
If you have trouble with your integration, there are several things you can check first. If you
try them yet continue to have problems, you can also contact Merchant Technical Support
(MTS).
If you cannot resolve the issue yourself, you will need to gather some basic information before
contacting MTS, including a log of the actions that led to the error. You can contact MTS at
https://www.paypal.com/mts.