Not authorized

Authorization failed due to insufficient permissions. The following issues may return from a NOT_AUTHORIZED error.

Note: If an issue persists or if you have further questions, you can reach out to paypal-techsupport.com.

PAYEE_ACCOUNT_NOT_VERIFIED

Returns from the Payments v1 or Orders v2 APIs.

CauseImpactResolution
  • Unverified PayPal account: The payee's PayPal account has not been verified, which is a requirement for processing transactions.
  • Account restrictions: The payee's account may have restrictions or limitations that prevent it from being verified.
  • Unverified email address: The payee has not verified their email address with PayPal, which is a necessary step for account verification.
The payment is declined, and the payment is not processed. This can lead to delays in completing the purchase.
  • Verify PayPal account: The payee should verify their PayPal account in order to resolve this error. This typically involves confirming their email address, linking and confirming a bank account or credit card, and providing any required identification documents.
  • Check for account restrictions: Check the PayPal account for any restrictions or limitations that may prevent verification. The payee should resolve any outstanding issues or contact PayPal support for assistance.
  • Verify email address: The payee should verify their email address with PayPal. They should check their email for a verification message from PayPal and follow the instructions to confirm their email address.

PERMISSION_DENIED

Returns from the Payments v1 or Orders v2 APIs.

CauseImpactResolution
The PayPal API returns this error when the credentials used to call the API do not have the necessary permissions to perform the requested operation or action. Common causes include:
  • Insufficient permissions: The PayPal account does not have the required permissions.
  • Invalid or expired credentials: OAuth access tokens are expired or invalid.
  • Restricted operations: Attempting actions not allowed for the account type. For example, a personal account tries to access business-level APIs.
  • Swapped credentials: Using sandbox credentials in a live environment or vice versa.
The payment process is halted, preventing the customer from finalizing their purchase. This can lead to lost sales if the issue is not resolved promptly.
  • Verify resource ownership: Ensure the resource ID belongs to the PayPal account making the API call. If it belongs to another account, ensure the correct permissions and scopes are granted.
  • Check API credentials: Ensure the credentials are for the correct environment (sandbox or live), and are properly generated from the PayPal Developer Dashboard.
  • Verify OAuth scopes and permissions: Ensure the necessary scopes are requested when generating OAuth tokens.
  • Review account permissions: Access the PayPal Developer Dashboard to ensure the API credentials correspond to an account with appropriate privileges. Check the My Apps & Credentials page for details.
  • Renew authentication tokens: Regularly renew access tokens and ensure your application handles token expiration gracefully.
  • Use correct API endpoints: Ensure you are using the correct endpoints for the environment. For sandbox, use https://api.sandbox.paypal.com. For live, use https://api.paypal.com.
  • Check account type and feature availability: Ensure the PayPal account supports the requested API operations. Some features are only available on business accounts or specific integrations, for example, payouts.