PayPal Error 10002 Using Permissions API and TransactionSearch

StackOverflow https://stackoverflow.com/questions/23207464

  •  07-07-2023
  •  | 
  •  

Question

I have a permissions request that looks like this:

timestamp, signature = genPermissionsAuthHeader.getAuthHeader(str(self.username), str(self.password), str(access_token), str(token_secret), "POST", "https://api-3t.sandbox.paypal.com/nvp") # https://svcs.sandbox.paypal.com/Permissions/GetBasicPersonalData
        log.info(timestamp)
        log.info(signature)
    authorization_header = "timestamp=" + timestamp + ",token=" + access_token + ",signature=" + signature
    log.info(authorization_header)

    headers = {
        "X-PAYPAL-AUTHORIZATION": authorization_header,
    }

    url = "https://api-3t.sandbox.paypal.com/nvp"

    nvp_params = {
        "METHOD": "TransactionSearch",
        "STARTDATE": "2012-01-01T05:38:48Z",
    }

    r = requests.post(url, data=nvp_params, headers=headers)

    log.info(r.text)
    self.response.content_disposition = "text/html"
    self.response.write(r.text)

I have an access token and token secret from the permissions API using my PayPal credentials on developer.paypal.com under "Sandbox Accounts"

When I run this method I get the error message:

TIMESTAMP=2014%2d04%2d21T22%3a50%3a18Z&CORRELATIONID=c8f9212035b60
&ACK=Failure&VERSION=0%2e000000&BUILD=10277387&L_ERRORCODE0=10002
&L_SHORTMESSAGE0=Authentication%2f
Authorization%20Faile
d&L_LONGMESSAGE0=You%20do%20not%20have%20permissions%20to%20make%20this%20API%20call
&L_SEVERITYCODE0=ErrorNone

I can make a call to GetBasicPersonalDetails and it seems to work. Any help would be great, thanks!

Était-ce utile?

La solution

I found the answer, I was missing the "SUBJECT" parameter on the parameter string being sent for the payment. So just in case anyone else runs across this in the future the full code after getting the permissions tokens to run a test payment for the sandbox is:

def test_sales(self, access_token=None, token_secret=None):

timestamp, signature = genPermissionsAuthHeader.getAuthHeader(str(self.username), str(self.password), str(access_token), str(token_secret), "POST", "https://api-3t.sandbox.paypal.com/nvp") # https://svcs.sandbox.paypal.com/Permissions/GetBasicPersonalData
log.info(timestamp)
log.info(signature)

authorization_header = "timestamp=" + timestamp + ",token=" + access_token + ",signature=" + signature
log.info(authorization_header)

headers = {
    "X-PAYPAL-AUTHORIZATION": authorization_header,
}

url = "https://api-3t.sandbox.paypal.com/nvp"

nvp_params = {
    "METHOD": "DoDirectPayment",
    "PAYMENTACTION": "Sale",
    "AMT": "22.00",
    "ACCT": "4111111111111111",
    "CVV2": "111",
    "FIRSTNAME": "Jane",
    "LASTNAME": "Smith",
    "EXPDATE": "012018",
    "IPADDRESS": "127.0.0.1",
    "STREET": "123 Street Way",
    "CITY": "Englewood",
    "STATE": "CO",
    "ZIP": "80112",
    "VERSION": "86",
    "SIGNATURE": self.signature,
    "USER": self.username,
    "PWD": self.password,
    "SUBJECT": "person_who_you_acting_on_behalf_of@domain.com"
}


r = requests.post(url, data=nvp_params, headers=headers)
log.info("Search transaction\n\n" + r.text + "\n\n")
self.response.content_disposition = "text/html"
self.response.write(urllib.unquote(r.text).decode('utf8'))

And for generating the header I used: https://github.com/paypal/python-signature-generator-for-authentication-header

Hope this helps someone, thanks!

Autres conseils

Here is some information on the error message you are getting. One reason is invalid API Credentials. Another possibility is you are trying to pass an expired token. Once a transaction is created on PayPal the token is no longer valid. Instead you have a transaction id created.
Below is some more information on PayPal API Error Messages.
PayPal API Error Messages

If you are attempting a transaction search for your most recent transactions in PayPal, then you can use the PaymentDetailsRequest API
Here is an integration guide from the PayPal Developer Site:

Get Payment Details PayPal API Codes

TransactionSearch is not part of the AdaptivePayments API, so no "X-PAYPAL-AUTHORIZATION" is required with this method. Assuming that you got the permission for TransactionSearch method on the target account (see https://developer.paypal.com/docs/classic/permissions-service/gs_PermissionsService/) the following code will works:

import requests

api_username="username"
api_password="password"
api_signature="signature"

target_account_email="xxx.yyy-buyer@zzz.com"    #customers email

data_req = {
    'METHOD':'TransactionSearch',
    'SUBJECT':, target_account_email,
    'VERSION':'86.0',
    'STARTDATE':'2009-10-11T00:00:00Z',
    'USER':api_username,  
    'PWD':api_password,   
    'SIGNATURE':api_signature 
} 
response=requests.post(url_en_point,data=data_req,timeout=3).text
print response
Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top