TLDR: How does one renew a Cybersource auth which has expired (leveraging an existing payment transaction)?
Scenario:
Payment is tokenized & an auth is created via cybersource
Wait 10 days (suppose this is an order & you have to make the items)
Request Capture (items ready to ship)
/capture responds with a 400 + MISSING_AUTH (believe an expired auth will do this)
What do you do now?
Cybersource Reauthorization seems to require the card number based on testing (although that page does not reference it).
How I tested this:
Execute Payment Creation with Authorization
Attempt Cybersource Reauthorization leveraging the id from above
Related
According to the documentation the paypal payment method should be able to do Authorization & Capture just fine. The following excerpt under the PayPal authorizations excerpt specifically states how to go about it:
First get payment approval and execute the payment as you normally would do for a PayPal payment. Once you successfully execute on the payment authorization, PayPal responds with a new set of HATEOAS links, including a capture link that you use to capture the payment.
So if im following correctly the flow for doing Authorize & Capture is as follows:
Create a Payment
Redirect User to HATEOAS link approval_url to get them to sign into paypal.
Be returned to success (or cancel, but not in this example) link.
Get the Payment to see what's changed, get the shipping address / etc....
Let the customer review the details
Execute The Payment to commit to the hold on funds.
At this point an AuthorizationID / HATEOAS Link should hold information about the authorization.
Some time later use the authorization ID to Capture, and voila, we're done.
Now this is all fine and dandy, but in my tests on the sandbox environment I'm having trouble retrieving the authorization ID anywhere.
Here's my HATEOAS Links I receive from my Execute Step:
As you can see, only the self reference is returned, according to the documentation there should be one capture link at the least that should have the authorizationID in it.
Also, nowhere in the response body is any authorization ID. However, If I look at the payment in my sandbox paypal dashboard:
And once I drill down into it:
Sure enough if I call the Authorization.Capture API call against 8B633793L37511009 it captures as you would expect. However I can't find a programmatic way to determine this number.
How am I supposed to store the authorization number so my tooling can capture later when our business conditions have been met?
In the beggining, when you create the payment with intent authorize you should be getting an authorization object within the response. This object has the id you need for the capture later.
Check this blog post to see if you're missing something fundamental in the picture.
I followed the tutorial and executed the sample requests via curl. As you can see, I got the authorization id under transactions->related resources->authorization->id
Then I used the id in the URL and successfully captured the payment.
Hope this helps, if it doesn't, please elaborate and maybe I will be able to help you further. Good luck!
I'm planning to create a web application that allows a user to track donation amounts to their PayPal account that are posting in real time towards a goal.
I need to know...
A. If it's possible
B. If the path I'm using is the best path
c. What is the best path is b isn't.
The flow would work like this.
1) User visits site and enters their PayPal Email address / password / goal donation amount. I'd then be able to make api calls on behalf of this user.
2) I'd use the API call and make a webhook on this users account for when donations come in (The webhooks only say it can fire when sales come in, but maybe donations count as a sale?)
3) I'd have a function on my website ready to accept the post data and update the tracker.
So if the tracker starts out saying 0/300 (user entered 300 for goal amount at the start), then a 15 dollar donation comes in it will update to 15/300, and if another donation for 5 dollars comes in it will say 20/300 etc...
Thanks for any suggestions / help!
Instead of using the user's PayPal email address and password, PayPal has something called a client id and client secret. These work like passwords to make API calls and allot safer than asking for the real email address and password from your user. If you revise your #1, then it is certainly possible to make API calls and receive webhooks just like you described.
Link to PayPal Authentication & Headers: https://developer.paypal.com/docs/api/#authentication--headers
Link to PayPal Notifications for managing webhooks: https://developer.paypal.com/docs/api/#notifications
Is it possible to send all relevant details to including the paypal email and password to make a transaction in only 1 step?
From what I know, no you can't.
I have been playing with the api for the last week and here is what I've learned.
You can get the users information using PayPal Login API (use the token to process payments)
You can charge a credit seamlessly (without redirecting to paypal)
You can stored / delete / look up a credit card
You can obtain authorization for a payment (requires redirect to paypal site), then capture it later.
Complete Sale (redirect to paypal), confirm payment and complete sale
i didn't find any information about life time of payments with intent "sale". If a user cancel's payment by closing the paypal window, then i should be abled to continue payment by looking up the payment via api and redirect him to the approval url. But this works only for a certain time span. I'm abled to look up payments from yesterday, the response tells me about a payment state of "created" but after redirection to the approve_url paypal's website says:
Your Session has ended.
This transaction has expired. Please return to the recipient's website to complete your transaction using their regular checkout flow.
I guess i should create a new payment in that case. But how long should i wait before creating a new payment, because payments with age.. - lets say about 1 hour are still valid?
TIA
The user has three hours to approve of the PayPal payment before a new payment must be created.
I'm doing a paypal Express Checkout operation with SOAP API using the payment action Authorization.
The authorization period is automatically set to 29 days. How can i change it?
The credit card authorization that a bank places on the buyers credit card, is really up to the card issuing bank. It's not anything you can really change. The actual hold period can vary slightly as well from one card issuing bank to the next.