Not authorized

Authorization failed due to insufficient permissions. The following issues may return from a NOT_AUTHORIZED error.

Note: If an issue persists or if you have further questions, you can reach out to paypal-techsupport.com.

PAYEE_ACCOUNT_NOT_VERIFIED

Returns from the Payments v1 or Orders v2 APIs.

Cause
  • Unverified PayPal account: The payee's PayPal account has not been verified, which is a requirement for processing transactions.
  • Account restrictions: The payee's account may have restrictions or limitations that prevent it from being verified.
  • Unverified email address: The payee has not verified their email address with PayPal, which is a necessary step for account verification.
ImpactThe payment is declined, and the payment is not processed. This can lead to delays in completing the purchase.
Resolution
  • Verify PayPal account: The payee should verify their PayPal account in order to resolve this error. This typically involves confirming their email address, linking and confirming a bank account or credit card, and providing any required identification documents.
  • Check for account restrictions: Check the PayPal account for any restrictions or limitations that may prevent verification. The payee should resolve any outstanding issues or contact PayPal support for assistance.
  • Verify email address: The payee should verify their email address with PayPal. They should check their email for a verification message from PayPal and follow the instructions to confirm their email address.

PAYEE_NOT_CONSENTED

Cause
  • The PayPal merchant account making the API call does not have permission from the payee account to carry out a request.
  • A different account used credentials to make the API request on behalf of the payee. The payee account is not sending the request.
  • The payee account needs to grant permissions to the facilitator account.
  • The payee has not consented for the API caller to process this transaction. Your setup requires payee consent before processing.
Impact
  • The facilitator account is not able to process payments for the payee account without receiving permissions from the payee. These attempts will fail until permissions are granted.
  • This leads to fewer customers completing PayPal transactions on the merchant website.
Resolution
  • The payee account is passed in the payee field within “purchase_units” object of the Orders API request body. Ensure that the correct values are passed, and the API caller account has received the correct set of permissions.
  • For PayPal Complete Payments merchants, ensure the caller API account has consent to collect partner fees for the payee. Make sure to add PARTNER_FEE to the list of capabilities when taking the payee through the sign-up flow.
  • After adding permissions, retry the payment.
  • If permissions are already added, or if this has started happening for a large number of transactions, reach out to PayPal support.

PERMISSION_DENIED

Returns from the Payments v1 or Orders v2 APIs.

CauseThe PayPal API returns this error when the credentials used to call the API do not have the necessary permissions to perform the requested operation or action. Common causes include:
  • Insufficient permissions: The PayPal account does not have the required permissions.
  • Invalid or expired credentials: OAuth access tokens are expired or invalid.
  • Restricted operations: Attempting actions not allowed for the account type. For example, a personal account tries to access business-level APIs.
  • Swapped credentials: Using sandbox credentials in a live environment or vice versa.
ImpactThe payment process is halted, preventing the customer from finalizing their purchase. This can lead to lost sales if the issue is not resolved promptly.
Resolution
  • Verify resource ownership: Ensure the resource ID belongs to the PayPal account making the API call. If it belongs to another account, ensure the correct permissions and scopes are granted.
  • Check API credentials: Ensure the credentials are for the correct environment (sandbox or live), and are properly generated from the PayPal Developer Dashboard.
  • Verify OAuth scopes and permissions: Ensure the necessary scopes are requested when generating OAuth tokens.
  • Review account permissions: Access the PayPal Developer Dashboard to ensure the API credentials correspond to an account with appropriate privileges. Check the My Apps & Credentials page for details.
  • Renew authentication tokens: Regularly renew access tokens and ensure your application handles token expiration gracefully.
  • Use correct API endpoints: Ensure you are using the correct endpoints for the environment. For sandbox, use https://api.sandbox.paypal.com. For live, use https://api.paypal.com.
  • Check account type and feature availability: Ensure the PayPal account supports the requested API operations. Some features are only available on business accounts or specific integrations, for example, payouts.