Vault API

As a merchant, you can use the Vault API to securely store customer credit cards in the PayPal vault rather than on your server. When you use the API to store a customer credit card, the API returns the ID of the vaulted card. To make a payment with the vaulted card, you specify the ID of the vaulted card instead of credit card details. For information, see the Vault overview.
Note: PayPal does not validate credit card information that you store in the vault.

Credit cards (resource group)

Use the /credit-cards resource to store a credit card in the vault, delete, show details for, list, and update vaulted cards.

Store credit card

POST /v1/vault/credit-cards
Stores credit card details in the PayPal vault. To use the vaulted card to make a payment, specify this ID as the credit_card_id in a credit_card_token object. If you include a payer_id when you store the credit card, you must also include that ID as the external_customer_id in the credit_card_token object.
You can also use the ID of the vaulted credit card to show details for, update, or delete the vaulted card.

Request body

  • number

    string

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the length required by its credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Allowed values: visa, mastercard, amex, discover, maestro.

  • expire_month

    integer

    required

    The one- to two-digit month when the card expires, with no leading zero. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    integer

    required

    The four-digit year when the card expires. For example, 2017.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder. Maximum length is 25 characters.
  • last_name

    string

    The last name of the credit card holder.
  • billing_address

    object

    The billing address for this credit card.
  • external_customer_id

    string

    The externally-provided ID of the customer for whom to list credit cards.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant for whom to list credit cards.

    Maximum length: 256.

  • payer_id

    string

    A unique ID that you can assign and track when you vault a credit card or use a vaulted credit card to make a payment. This ID can help to avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. This is being deprecated in favor of the external_customer_id property.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • links

    array (contains the link_description object)

    An array of request-related HATEOAS links.
SDK samples: JAVA, Python

Sample Request

curl -v -X POST https://api.sandbox.paypal.com/v1/vault/credit-cards/ \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token" \
-d '{
  "number": "4417119669820331",
  "type": "visa",
  "expire_month": 11,
  "expire_year": 2015,
  "first_name": "Joe",
  "last_name": "Shopper",
  "billing_address": {
    "line1": "52 N Main St.",
    "city": "Johnstown",
    "country_code": "US",
    "postal_code": "43210",
    "state": "OH",
    "phone": "408-334-8890"
  }
}'

Response

A successful request returns the HTTP 201 Created status code and a JSON response body that shows credit card details, including the ID of the vaulted card.
  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

    Read only.

  • number

    string

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the length required by its credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    The credit card type.

    Possible values: visa, mastercard, amex, discover, maestro.

  • expire_month

    integer

    The one- to two-digit month when the card expires, with no leading zero. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    integer

    The four-digit year when the card expires. For example, 2017.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder. Maximum length is 25 characters.
  • last_name

    string

    The last name of the credit card holder.
  • billing_address

    object

    The billing address for this credit card.
  • external_customer_id

    string

    The externally-provided ID of the customer for whom to list credit cards.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant for whom to list credit cards.

    Maximum length: 256.

  • payer_id

    string

    A unique ID that you can assign and track when you vault a credit card or use a vaulted credit card to make a payment. This ID can help to avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. This is being deprecated in favor of the external_customer_id property.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Read only.

    Possible values: expired, ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

    Read only.

  • links

    array (contains the link_description object)

    An array of request-related HATEOAS links.

Sample Response

{
  "id": "CARD-1SW33690TH184423CKM2ZMVY",
  "state": "ok",
  "number": "0000000000000000",
  "type": "visa",
  "expire_month": 11,
  "expire_year": 2015,
  "first_name": "Joe",
  "last_name": "Shopper",
  "billing_address": {
    "line1": "52 N Main St.",
    "city": "Johnstown",
    "state": "OH",
    "postal_code": "43210",
    "country_code": "US",
    "phone": "408-334-8890"
  },
  "valid_until": "2017-03-27T00:00:00Z",
  "create_time": "2014-03-28T15:33:43Z",
  "update_time": "2014-03-28T15:33:43Z",
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "self",
      "method": "GET"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "delete",
      "method": "DELETE"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "patch",
      "method": "PATCH"
    }
  ]
}

List vaulted credit cards

GET /v1/vault/credit-cards
Lists vaulted credit cards. To filter the cards in the response, specify one or more optional query parameters.

Query parameters

  • page_size

    integer

    The number of vaulted credit cards to list in the response beginning with the specified page.

    Default: 10.

    Minimum value: 1.

    Maximum value: 20.

  • page

    integer

    A zero-relative index of the list of vaulted credit cards.

    Default: 1.

    Minimum value: 1.

    Maximum value: 2147483647.

  • start_time

    string

    Filters the vaulted credit cards in the response to those created on or after this date and time and on or before the end_time value. Both values are in Internet date and time format. For example, 2017-11-05T13:15:30Z.
  • end_time

    string

    Filters the vaulted credit cards in the response to those created on or after the start_time date and time and on or before this value. Both values are in Internet date and time format. For example, 2017-11-05T13:15:30Z.
  • sort_order

    string

    Sorts the vaulted credit cards in the response in ascending or descending order. Value is asc for ascending order or desc for descending order.

    Default: desc.

  • sort_by

    string

    Sorts the vaulted credit cards in the response by either create_time or update_time.

    Default: create_time.

  • merchant_id

    string

    Filters the vaulted credit cards in the response to those associated with this merchant ID. This value is a user-provided unique ID for the merchant who holds the card.
    Note: This parameter is not related to the PayPal merchant ID.
  • external_card_id

    string

    Filters the vaulted credit cards in the response to those associated with this facilitator-provided ID of the bank account.
  • external_customer_id

    string

    Filters the vaulted credit cards in the response to those associated with this externally-provided customer ID.
  • total_required

    boolean

    Indicates whether the response returns the total_items and total_pages values.

Sample Request

curl -v -X GET https://api.sandbox.paypal.com/v1/vault/credit-cards?external_card_id=card-1 \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"

Response

A successful request returns the HTTP 200 OK status code and a JSON response body that includes an array of vaulted cards. Each item in the array shows card details.
  • items

    array (contains the credit_card object)

    An array of credit card objects.
  • links

    array (contains the link_description object)

    An array of request-specific HATEOAS links.
  • total_items

    integer

    The total number of items.

    Minimum value: 0.

    Maximum value: 2147483647.

  • total_pages

    integer

    The total number of pages.

    Minimum value: 1.

    Maximum value: 2147483647.

Sample Response

{
  "items": [
    {
      "id": "CARD-56X15128W3493241XKQ37IFY",
      "state": "ok",
      "payer_id": "rajesh",
      "external_card_id": "card-1",
      "number": "0000000000000000",
      "type": "visa",
      "expire_month": 11,
      "expire_year": 2018,
      "first_name": "Mary",
      "last_name": "Shopper",
      "billing_address": {
        "line1": "52 N. Main St.",
        "city": "Johnstown",
        "state": "CA",
        "postal_code": "43210",
        "country_code": "GB"
      },
      "valid_until": "2017-10-09T00:00:00Z",
      "create_time": "2014-10-10T14:58:31Z",
      "update_time": "2014-10-10T14:58:31Z",
      "links": [
        {
          "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-56X15128W3493241XKQ37IFY",
          "rel": "self",
          "method": "GET"
        },
        {
          "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-56X15128W3493241XKQ37IFY",
          "rel": "delete",
          "method": "DELETE"
        },
        {
          "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-56X15128W3493241XKQ37IFY",
          "rel": "patch",
          "method": "PATCH"
        }
      ]
    }
  ],
  "total_items": 1,
  "total_pages": 1,
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/?page_size=10&sort_by=create_time&external_card_id=card-1&sort_order=asc",
      "rel": "first",
      "method": "GET"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-cards/?page_size=10&sort_by=create_time&external_card_id=card-1&sort_order=asc&page=1",
      "rel": "last",
      "method": "GET"
    }
  ]
}

Update vaulted credit card

PATCH /v1/vault/credit-cards/{credit_card_id}
Updates information for a vaulted credit card, by ID. In the JSON request body, specify the values to update.

Path parameters

  • credit_card_id

    string

    required

    The ID of the vaulted credit card to update.

Request body

  • patch_request

    array (contains the patch object)

    An array of JSON patch objects to apply partial updates to resources.
SDK samples: Python

Sample Request

curl -v -X PATCH https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-1SW33690TH184423CKM2ZMVY \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token" \
-d '[
  {
    "op": "replace",
    "path": "/billing_address/line1",
    "value": "53 N Main St."
  }
]'

Response

A successful request returns the HTTP 200 OK status code and a JSON response body that shows card details.
  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

    Read only.

  • number

    string

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the length required by its credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    The credit card type.

    Possible values: visa, mastercard, amex, discover, maestro.

  • expire_month

    integer

    The one- to two-digit month when the card expires, with no leading zero. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    integer

    The four-digit year when the card expires. For example, 2017.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder. Maximum length is 25 characters.
  • last_name

    string

    The last name of the credit card holder.
  • billing_address

    object

    The billing address for this credit card.
  • external_customer_id

    string

    The externally-provided ID of the customer for whom to list credit cards.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant for whom to list credit cards.

    Maximum length: 256.

  • payer_id

    string

    A unique ID that you can assign and track when you vault a credit card or use a vaulted credit card to make a payment. This ID can help to avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. This is being deprecated in favor of the external_customer_id property.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Read only.

    Possible values: expired, ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

    Read only.

  • links

    array (contains the link_description object)

    An array of request-related HATEOAS links.

Sample Response

{
  "id": "CARD-1SW33690TH184423CKM2ZMVY",
  "state": "ok",
  "number": "0000000000000000",
  "type": "visa",
  "expire_month": 11,
  "expire_year": 2015,
  "first_name": "Joe",
  "last_name": "Shopper",
  "billing_address": {
    "line1": "53 N Main St.",
    "city": "Johnstown",
    "state": "OH",
    "postal_code": "43210",
    "country_code": "US",
    "phone": "408-334-8890"
  },
  "valid_until": "2017-03-27T00:00:00Z",
  "create_time": "2014-03-28T15:33:43Z",
  "update_time": "2014-03-28T15:33:43Z",
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "self",
      "method": "GET"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "delete",
      "method": "DELETE"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-1SW33690TH184423CKM2ZMVY",
      "rel": "patch",
      "method": "PATCH"
    }
  ]
}

Delete vaulted credit card

DELETE /v1/vault/credit-cards/{credit_card_id}
Deletes a vaulted credit card, by ID.

Path parameters

  • credit_card_id

    string

    required

    The ID of the vaulted credit card to delete.
SDK samples: Python

Sample Request

curl -v -X DELETE https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-54E6956910402550WKGRL6EA \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"

Response

A successful request returns the HTTP 204 No Content status code with no JSON response body.

Sample Response

204 No Content

Show vaulted credit card details

GET /v1/vault/credit-cards/{credit_card_id}
Shows details for a vaulted credit card, by ID.

Path parameters

  • credit_card_id

    string

    required

    The ID of the vaulted credit card for which to show details. This ID is returned when you store the credit card in the PayPal vault.
SDK samples: JAVA, Python

Sample Request

curl -v -X GET https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-54E6956910402550WKGRL6EA \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"

Response

A successful request returns the HTTP 200 OK status code and a JSON response body with card details.
  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

    Read only.

  • number

    string

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the length required by its credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    The credit card type.

    Possible values: visa, mastercard, amex, discover, maestro.

  • expire_month

    integer

    The one- to two-digit month when the card expires, with no leading zero. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    integer

    The four-digit year when the card expires. For example, 2017.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder. Maximum length is 25 characters.
  • last_name

    string

    The last name of the credit card holder.
  • billing_address

    object

    The billing address for this credit card.
  • external_customer_id

    string

    The externally-provided ID of the customer for whom to list credit cards.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant for whom to list credit cards.

    Maximum length: 256.

  • payer_id

    string

    A unique ID that you can assign and track when you vault a credit card or use a vaulted credit card to make a payment. This ID can help to avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. This is being deprecated in favor of the external_customer_id property.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Read only.

    Possible values: expired, ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

    Read only.

  • links

    array (contains the link_description object)

    An array of request-related HATEOAS links.

Sample Response

{
  "valid_until": "2016-05-26T00:00:00Z",
  "first_name": "Joe",
  "last_name": "Shopper",
  "expire_month": 11,
  "state": "ok",
  "billing_address": {
    "city": "Johnstown",
    "state": "OH",
    "postal_code": "43210",
    "country_code": "US",
    "line1": "52 N. Main St."
  },
  "expire_year": 2018,
  "number": "0000000000000000",
  "type": "visa",
  "id": "CARD-54E6956910402550WKGRL6EA",
  "links": [
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-54E6956910402550WKGRL6EA",
      "method": "GET",
      "rel": "self"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-54E6956910402550WKGRL6EA",
      "method": "DELETE",
      "rel": "delete"
    },
    {
      "href": "https://api.sandbox.paypal.com/v1/vault/credit-card/CARD-54E6956910402550WKGRL6EA",
      "method": "PATCH",
      "rel": "patch"
    }
  ]
}

Common object definitions

address

  • line1

    string

    required

    The first line of the address. For example, number, street, and so on.
  • line2

    string

    Optional. The second line of the address. For example, suite, apartment number, and so on.
  • city

    string

    required

    The city name.
  • state

    string

    The code for a US state or the equivalent for other countries. Required for transactions if the address is in one of these countries: Argentina, Brazil, Canada, India, Italy, Japan, Mexico, Thailand, or United States. Maximum length is 40 single-byte characters.
  • country_code

    string

    required

    A two-character ISO 3166-1 code that identifies the country or region.
    Note: The country code for Great Britain is GB and not UK as used in the top-level domain names for that country. Use the C2 country code for China worldwide for comparable uncontrolled price (CUP) method, bank card, and cross-border transactions.

    Minimum length: 2.

    Maximum length: 2.

    Pattern: ^([A-Z]{2}|C2)$.

  • postal_code

    string

    The postal code, which is the zip code or equivalent. Typically required for countries with a postal code or an equivalent. See Postal code.

country_code

  • country_code

    string

    A two-character ISO 3166-1 code that identifies the country or region.
    Note: The country code for Great Britain is GB and not UK as used in the top-level domain names for that country. Use the C2 country code for China worldwide for comparable uncontrolled price (CUP) method, bank card, and cross-border transactions.

    Minimum length: 2.

    Maximum length: 2.

    Pattern: ^([A-Z]{2}|C2)$.

credit_card

  • id

    string

    The ID of the vaulted credit card, which you can use to fund a payment.

    Read only.

  • number

    string

    required

    The credit card number. Value is a string of numeric characters with no spaces or punctuation. Must conform to modulo and the length required by its credit card type. Redacted in responses.

    Pattern: ^[0-9]{12,19}$.

  • type

    enum

    required

    The credit card type.

    Possible values: visa, mastercard, amex, discover, maestro.

  • expire_month

    integer

    required

    The one- to two-digit month when the card expires, with no leading zero. For example, 1 or 12.

    Pattern: ^[0-9]{2}$.

  • expire_year

    integer

    required

    The four-digit year when the card expires. For example, 2017.

    Pattern: ^[0-9]{4}$.

  • first_name

    string

    The first name of the credit card holder. Maximum length is 25 characters.
  • last_name

    string

    The last name of the credit card holder.
  • billing_address

    object

    The billing address for this credit card.
  • external_customer_id

    string

    The externally-provided ID of the customer for whom to list credit cards.

    Maximum length: 256.

  • merchant_id

    string

    The ID of the merchant for whom to list credit cards.

    Maximum length: 256.

  • payer_id

    string

    A unique ID that you can assign and track when you vault a credit card or use a vaulted credit card to make a payment. This ID can help to avoid unintentional use or misuse of credit cards. Can be any value, such as a UUID, user name, or email address. This is being deprecated in favor of the external_customer_id property.

    Maximum length: 256.

  • external_card_id

    string

    The externally-provided ID of the credit card.

    Maximum length: 256.

  • state

    enum

    The state of the credit card funding instrument.

    Read only.

    Possible values: expired, ok.

  • create_time

    string

    The date and time when the vaulted credit card was created, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • update_time

    string

    The date and time when the vaulted credit card was updated, in Internet date and time format. For example, 2017-11-05T13:15:30Z.

    Read only.

  • valid_until

    string

    The date and time when the credit card becomes unusable from the vault, in Internet date and time format. The valid_until parameter is not the same as the expiration month and year. The expiration month and year might be later than the valid_until date. For example, the card expires in November 2019 but the valid_until date is October 17th, 2019.

    Read only.

  • links

    array (contains the link_description object)

    An array of request-related HATEOAS links.

creditcardlist

  • items

    array (contains the credit_card object)

    An array of credit card objects.
  • links

    array (contains the link_description object)

    An array of request-specific HATEOAS links.
  • total_items

    integer

    The total number of items.

    Minimum value: 0.

    Maximum value: 2147483647.

  • total_pages

    integer

    The total number of pages.

    Minimum value: 1.

    Maximum value: 2147483647.

error

  • name

    string

    required

    The human-readable, unique name of the error.

    Read only.

  • debug_id

    string

    The PayPal internal ID. Used for correlation purposes.

    Read only.

  • message

    string

    required

    The message that describes the error.

    Read only.

  • information_link

    string

    required

    The URI to detailed information related to this error for the developer.

    Read only.

  • details

    array (contains the error_details object)

    An array of additional details for the error.

    Read only.

error_details

  • field

    string

    required

    The name of the field that caused the error.
  • issue

    string

    required

    The reason for the error.

patch

  • op

    enum

    required

    The operation to complete.

    Possible values: add, remove, replace, move, copy, test.

  • path

    string

    The JSON pointer to the target document location at which to complete the operation.
  • value

    number,integer,string,boolean,null,array,object

    The value to apply. The remove operation does not require a value.
  • from

    string

    The JSON pointer to the target document location from which to move the value. Required for the move operation.

patch_request

  • patch_request

    array (contains the patch object)

    An array of JSON patch objects to apply partial updates to resources.

Additional API information

Error messages

In addition to common HTTP status codes that the REST APIs return, the Vault API can return the following errors.

  • CC_TYPE_NOT_SUPPORTED

    Card type is not supported for zero dollar authorization.

  • CREDIT_CARD_CVV_CHECK_FAILED

    The credit card CVV check failed.

  • DATA_RETRIEVAL

    Error retrieving data.

  • DUPLICATE_EXTERNAL_CARD_ID

    This external card ID for a credit card resource already exists.

  • DUPLICATE_MERCHANT_ID_EXTERNAL_CARD_ID

    This merchant ID and external card ID combination for a credit card resource already exists.

  • DUPLICATE_REQUEST_ID

    The value of PayPal-Request-Id header has already been used.

  • EXPIRED_CREDIT_CARD

    Credit card is expired.

  • INTERNAL_SERVICE_ERROR

    An internal service error has occurred.

  • INVALID_RESOURCE_ID

    The requested resource ID was not found.

  • PERMISSION_DENIED

    No permission for the requested operation.

  • VALIDATION_ERROR

    Invalid request - see details.