Payment Tokens API

Availability: This is a deprecated collection of endpoints. Merchants can no longer get approved to use the REST direct credit cards feature this version requires to accept payments using stored cards. We suggest one of the following:
  • Contact PayPal to test out and help shape a beta version of Payment Tokens v2.
  • Accept credit card payments using Braintree Direct.

Credit cards (resource group)

Use the /credit-cards resource to store a credit card in the vault, delete, show details for, list, and update vaulted cards.

Store credit card

POST/v1/vault/credit-cards
Stores credit card details in the PayPal vault. To use the vaulted card to make a payment, specify this ID as the `credit_card_id` in a [`credit_card_token`](/docs/api/payments/#definition-credit_card_token) object. If you include a `payer_id` when you store the credit card, you must also include that ID as the `external_customer_id` in the `credit_card_token` object. To show details for, update, or delete the vaulted card, use the ID of the vaulted credit card.

Request body

  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

    Read only.

  • number

    string

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the required length for the credit card type. Redacted in responses.

    Read only.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Read only.

    Possible values: visa,mastercard,amex,discover,maestro.

  • expire_month

    string

    required

    The one- to two-digit month when the card expires. For example, 1 or 12.

    Read only.

    Pattern: ^[0-9]{2}$.

  • expire_year

    string

    required

    The four-digit year when the card expires. For example, 2019.

    Read only.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder.

    Read only.

    Maximum length: 25.

  • last_name

    string

    The last name of the credit card holder.

    Read only.

  • billing_address

    object

    The billing address for this credit card.

    Read only.

  • external_customer_id

    string

    The externally-provided ID of the customer.

    Read only.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant.

    Read only.

    Maximum length: 256.

  • payer_id

    string

    The payer ID. Assign this ID to the card when you vault it. Use this ID to track vaulted card usage. This ID helps avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. Deprecated. Use external_customer_id instead.

    Read only.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Read only.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Read only.

    Possible values: expired,ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

    Read only.

  • links

    array(contains the link_description object)

    An array of request-related HATEOAS links.

    Read only.

SDK samples:JAVA,Python,

Sample Request

curl -v -X POST https://api.sandbox.paypal.com/v1/vault/credit-cards/ \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token" \
-d '{
  "number": "4417119669820331",
  "type": "visa",
  "expire_month": "11",
  "expire_year": "2015",
  "first_name": "Joe",
  "last_name": "Shopper",
  "billing_address": {
    "line1": "52 N Main St.",
    "city": "Johnstown",
    "country_code": "US",
    "postal_code": "43210",
    "state": "OH",
    "phone": "408-334-8890"
  }
}'

Response

A successful request returns the HTTP 201 Created status code and a JSON response body that shows credit card details, including the ID of the vaulted card.

  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

  • number

    string

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the required length for the credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Possible values: visa,mastercard,amex,discover,maestro.

  • expire_month

    string

    required

    The one- to two-digit month when the card expires. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    string

    required

    The four-digit year when the card expires. For example, 2019.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder.

    Maximum length: 25.

  • last_name

    string

    The last name of the credit card holder.

  • billing_address

    object

    The billing address for this credit card.

  • external_customer_id

    string

    The externally-provided ID of the customer.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant.

    Maximum length: 256.

  • payer_id

    string

    The payer ID. Assign this ID to the card when you vault it. Use this ID to track vaulted card usage. This ID helps avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. Deprecated. Use external_customer_id instead.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Possible values: expired,ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

  • links

    array(contains the link_description object)

    An array of request-related HATEOAS links.

Sample Response

{
  "id": "CARD-1SW33690TH184423CKM2ZMVY",
  "state": "ok",
  "number": "0000000000000000",
  "type": "visa",
  "expire_month": "11",
  "expire_year": "2015",
  "first_name": "Joe",
  "last_name": "Shopper",
  "billing_address": {
    "line1": "52 N Main St.",
    "city": "Johnstown",
    "state": "OH",
    "postal_code": "43210",
    "country_code": "US",
    "phone": "408-334-8890"
  },
  "valid_until": "2017-03-27T00:00:00Z",
  "create_time": "2014-03-28T15:33:43Z",
  "update_time": "2014-03-28T15:33:43Z",
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "self",
      "method": "GET"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "delete",
      "method": "DELETE"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "patch",
      "method": "PATCH"
    }
  ]
}

List vaulted credit cards

GET/v1/vault/credit-cards
Lists vaulted credit cards. To filter the cards in the response, specify one or more optional query parameters.

Query parameters

  • page_size

    integer

    The number of vaulted credit cards to list in the response beginning with the specified page.

    Read only.

    Minimum value: 1.

    Maximum value: 20.

  • page

    integer

    A zero-relative index of the list of vaulted credit cards.

    Read only.

    Minimum value: 1.

    Maximum value: 2147483647.

  • start_time

    string

    Filters the vaulted credit cards in the response to those created on or after this date and time and on or before the end_time value. Both values are in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • end_time

    string

    Filters the vaulted credit cards in the response to those created on or after the start_time date and time and on or before this value. Both values are in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • sort_order

    string

    Sorts the vaulted credit cards in the response in ascending or descending order. Value is asc for ascending order or desc for descending order.

    Read only.

  • sort_by

    string

    Sorts the vaulted credit cards in the response by either create_time or update_time.

    Read only.

  • merchant_id

    string

    Filters the vaulted credit cards in the response to those associated with this merchant ID. This value is a user-provided unique ID for the merchant who holds the card.

    Note: This parameter is not related to the PayPal merchant ID.

    Read only.

  • external_card_id

    string

    Filters the vaulted credit cards in the response to those associated with this facilitator-provided ID of the bank account.

    Read only.

  • external_customer_id

    string

    Filters the vaulted credit cards in the response to those associated with this externally-provided customer ID.

    Read only.

  • total_required

    boolean

    Indicates whether the response returns the total_items and total_pages values.

    Read only.

Sample Request

curl -v -X GET https://api.sandbox.paypal.com/v1/vault/credit-cards?external_card_id=card-1 \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"

Response

A successful request returns the HTTP 200 OK status code and a JSON response body that includes an array of vaulted cards. Each item in the array shows card details.

  • items

    array(contains the credit_card object)

    An array of credit card objects.

  • links

    array(contains the link_description object)

    An array of request-specific HATEOAS links.

  • total_items

    integer

    The total number of items.

    Maximum value: 2147483647.

  • total_pages

    integer

    The total number of pages.

    Minimum value: 1.

    Maximum value: 2147483647.

Sample Response

{
  "items": [
    {
      "id": "CARD-56X15128W3493241XKQ37IFY",
      "state": "ok",
      "payer_id": "rajesh",
      "external_card_id": "card-1",
      "number": "0000000000000000",
      "type": "visa",
      "expire_month": "11",
      "expire_year": "2018",
      "first_name": "Mary",
      "last_name": "Shopper",
      "billing_address": {
        "line1": "52 N. Main St.",
        "city": "Johnstown",
        "state": "CA",
        "postal_code": "43210",
        "country_code": "GB"
      },
      "valid_until": "2017-10-09T00:00:00Z",
      "create_time": "2014-10-10T14:58:31Z",
      "update_time": "2014-10-10T14:58:31Z",
      "links": [
        {
          "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-56X15128W3493241XKQ37IFY",
          "rel": "self",
          "method": "GET"
        },
        {
          "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-56X15128W3493241XKQ37IFY",
          "rel": "delete",
          "method": "DELETE"
        },
        {
          "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-56X15128W3493241XKQ37IFY",
          "rel": "patch",
          "method": "PATCH"
        }
      ]
    }
  ],
  "total_items": 1,
  "total_pages": 1,
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/?page_size=10&sort_by=create_time&external_card_id=card-1&sort_order=asc",
      "rel": "first",
      "method": "GET"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/?page_size=10&sort_by=create_time&external_card_id=card-1&sort_order=asc&page=1",
      "rel": "last",
      "method": "GET"
    }
  ]
}

Show vaulted credit card details

GET/v1/vault/credit-cards/{credit_card_id}
Shows details for a vaulted credit card, by ID.

Path parameters

  • credit_card_id

    string

    required

    The ID of the vaulted credit card for which to show details. This ID is returned when you store the credit card in the PayPal vault.

    Read only.

SDK samples:JAVA,Python,

Sample Request

curl -v -X GET https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-54E6956910402550WKGRL6EA \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"

Response

A successful request returns the HTTP 200 OK status code and a JSON response body with card details.

  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

  • number

    string

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the required length for the credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Possible values: visa,mastercard,amex,discover,maestro.

  • expire_month

    string

    required

    The one- to two-digit month when the card expires. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    string

    required

    The four-digit year when the card expires. For example, 2019.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder.

    Maximum length: 25.

  • last_name

    string

    The last name of the credit card holder.

  • billing_address

    object

    The billing address for this credit card.

  • external_customer_id

    string

    The externally-provided ID of the customer.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant.

    Maximum length: 256.

  • payer_id

    string

    The payer ID. Assign this ID to the card when you vault it. Use this ID to track vaulted card usage. This ID helps avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. Deprecated. Use external_customer_id instead.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Possible values: expired,ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

  • links

    array(contains the link_description object)

    An array of request-related HATEOAS links.

Sample Response

{
  "valid_until": "2016-05-26T00:00:00Z",
  "first_name": "Joe",
  "last_name": "Shopper",
  "expire_month": "11",
  "state": "ok",
  "billing_address": {
    "city": "Johnstown",
    "state": "OH",
    "postal_code": "43210",
    "country_code": "US",
    "line1": "52 N. Main St."
  },
  "expire_year": "2018",
  "number": "0000000000000000",
  "type": "visa",
  "id": "CARD-54E6956910402550WKGRL6EA",
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-54E6956910402550WKGRL6EA",
      "method": "GET",
      "rel": "self"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-54E6956910402550WKGRL6EA",
      "method": "DELETE",
      "rel": "delete"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-54E6956910402550WKGRL6EA",
      "method": "PATCH",
      "rel": "patch"
    }
  ]
}

Update vaulted credit card

PATCH/v1/vault/credit-cards/{credit_card_id}
Updates information for a vaulted credit card, by ID. In the JSON request body, specify the values to update.

Path parameters

  • credit_card_id

    string

    required

    The ID of the vaulted credit card to update.

    Read only.

Request body

  • patch_request

    array(contains the patch object)

    An array of JSON patch objects to apply partial updates to resources.

    Read only.

SDK samples:Python,

Sample Request

curl -v -X PATCH https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-1SW33690TH184423CKM2ZMVY \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token" \
-d '[
  {
    "op": "replace",
    "path": "/billing_address/line1",
    "value": "53 N Main St."
  }
]'

Response

A successful request returns the HTTP 200 OK status code and a JSON response body that shows card details.

  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

  • number

    string

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the required length for the credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Possible values: visa,mastercard,amex,discover,maestro.

  • expire_month

    string

    required

    The one- to two-digit month when the card expires. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    string

    required

    The four-digit year when the card expires. For example, 2019.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder.

    Maximum length: 25.

  • last_name

    string

    The last name of the credit card holder.

  • billing_address

    object

    The billing address for this credit card.

  • external_customer_id

    string

    The externally-provided ID of the customer.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant.

    Maximum length: 256.

  • payer_id

    string

    The payer ID. Assign this ID to the card when you vault it. Use this ID to track vaulted card usage. This ID helps avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. Deprecated. Use external_customer_id instead.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Possible values: expired,ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

  • links

    array(contains the link_description object)

    An array of request-related HATEOAS links.

Sample Response

{
  "id": "CARD-1SW33690TH184423CKM2ZMVY",
  "state": "ok",
  "number": "0000000000000000",
  "type": "visa",
  "expire_month": "11",
  "expire_year": "2015",
  "first_name": "Joe",
  "last_name": "Shopper",
  "billing_address": {
    "line1": "53 N Main St.",
    "city": "Johnstown",
    "state": "OH",
    "postal_code": "43210",
    "country_code": "US",
    "phone": "408-334-8890"
  },
  "valid_until": "2017-03-27T00:00:00Z",
  "create_time": "2014-03-28T15:33:43Z",
  "update_time": "2014-03-28T15:33:43Z",
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "self",
      "method": "GET"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "delete",
      "method": "DELETE"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "patch",
      "method": "PATCH"
    }
  ]
}

Delete vaulted credit card

DELETE/v1/vault/credit-cards/{credit_card_id}
Deletes a vaulted credit card, by ID.

Path parameters

  • credit_card_id

    string

    required

    The ID of the vaulted credit card to delete.

    Read only.

SDK samples:Python,

Sample Request

curl -v -X DELETE https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-54E6956910402550WKGRL6EA \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"

Sample Response

204 No Content

Common object definitions

address

  • line1

    required

    The first line of the address. For example, number or street.

  • line2

    The second line of the address. For example, suite or apartment number.

  • city

    required

    The city name.

  • state

    The code for a US state or the equivalent for other countries. Required for transactions if the address is in one of these countries: Argentina, Brazil, Canada, China, India, Italy, Japan, Mexico, Thailand, or United States. Maximum length is 40 single-byte characters.

  • country_code

    required

    The two-character ISO 3166-1 code that identifies the country or region.

    Note: The country code for Great Britain is GB and not UK as used in the top-level domain names for that country. Use the C2 country code for China worldwide for comparable uncontrolled price (CUP) method, bank card, and cross-border transactions.

    Minimum length: 2.

    Maximum length: 2.

    Pattern: ^([A-Z]{2}|C2)$.

  • postal_code

    The postal code, which is the zip code or equivalent. Typically required for countries with a postal code or an equivalent. See postal code.

address_postal_code_validation

  • address_postal_code_validation

country_code

  • country_code

    The two-character ISO 3166-1 code that identifies the country or region.

    Note: The country code for Great Britain is GB and not UK as used in the top-level domain names for that country. Use the C2 country code for China worldwide for comparable uncontrolled price (CUP) method, bank card, and cross-border transactions.

    Minimum length: 2.

    Maximum length: 2.

    Pattern: ^([A-Z]{2}|C2)$.

credit_card

  • id

    The ID of the vaulted credit card, which you can use to fund a payment.

  • number

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the required length for the credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Possible values: visa,mastercard,amex,discover,maestro.

  • expire_month

    required

    The one- to two-digit month when the card expires. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    required

    The four-digit year when the card expires. For example, 2019.

    Pattern: ^[0-9]{4}$.

  • first_name

    The first name of the credit card holder.

    Maximum length: 25.

  • last_name

    The last name of the credit card holder.

  • billing_address

    The billing address for this credit card.

  • external_customer_id

    The externally-provided ID of the customer.

    Maximum length: 256.

  • merchant_id

    The ID of the merchant.

    Maximum length: 256.

  • payer_id

    The payer ID. Assign this ID to the card when you vault it. Use this ID to track vaulted card usage. This ID helps avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. Deprecated. Use external_customer_id instead.

    Maximum length: 256.

  • external_card_id

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Possible values: expired,ok.

  • create_time

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • update_time

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

  • valid_until

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

  • links

    (contains the link_description object)

    An array of request-related HATEOAS links.

creditcardlist

  • items

    (contains the credit_card object)

    An array of credit card objects.

  • links

    (contains the link_description object)

    An array of request-specific HATEOAS links.

  • total_items

    The total number of items.

    Maximum value: 2147483647.

  • total_pages

    The total number of pages.

    Minimum value: 1.

    Maximum value: 2147483647.

error

  • name

    required

    The human-readable, unique name of the error.

  • debug_id

    The PayPal internal ID. Used for correlation purposes.

  • message

    required

    The message that describes the error.

  • information_link

    required

    The URI to detailed information related to this error for the developer.

  • details

    (contains the error_details object)

    An array of additional details for the error.

error_details

  • field

    required

    The name of the field that caused the error.

  • issue

    required

    The reason for the error.

patch

  • op

    required

    The operation.

  • path

    The JSON Pointer to the target document location at which to complete the operation.

  • value

    The value to apply. The remove operation does not require a value.

  • from

    The JSON Pointer to the target document location from which to move the value. Required for the move operation.

patch_request

  • patch_request

    (contains the patch object)

    An array of JSON patch objects to apply partial updates to resources.

Additional API information

Error messages

In addition to the common HTTP status codes that the REST APIs return, the Payment Tokens API can return the following errors.

  • CC_TYPE_NOT_SUPPORTED

    Card type is not supported for zero dollar authorization.

  • CREDIT_CARD_CVV_CHECK_FAILED

    The credit card CVV check failed.

  • DATA_RETRIEVAL

    Error retrieving data.

  • DUPLICATE_EXTERNAL_CARD_ID

    This external card ID for a credit card resource already exists.

  • DUPLICATE_MERCHANT_ID_EXTERNAL_CARD_ID

    This merchant ID and external card ID combination for a credit card resource already exists.

  • DUPLICATE_REQUEST_ID

    The value of PayPal-Request-Id header has already been used.

  • EXPIRED_CREDIT_CARD

    Credit card is expired.

  • INTERNAL_SERVICE_ERROR

    An internal service error has occurred.

  • INVALID_RESOURCE_ID

    The requested resource ID was not found.

  • PERMISSION_DENIED

    No permission for the requested operation.

  • VALIDATION_ERROR

    Invalid request - see details.