Make your first call

To make a PayPal REST request:

Note: You can run the examples directly as-is. However, when creating your own app, be sure to update the OAuth keys in your code with those assigned to your PayPal app.

Create a PayPal app

Navigate to the My Apps & Credentials page, and log in if necessary. In the REST API Apps section, click Create App to begin the app-creation process. For details about how to create and manage your PayPal apps, see Manage your applications.

When you create an app, PayPal generates a set of OAuth keys for the app. A set of client_id and secret keys are created for your app for both the sandbox and live environments.

Tip: To see how the OAuth keys work, run the example in the next step. The example uses a set of dummy keys. To make your first call, paste the example as-is into a Terminal window.

Get an access token

Make a /token call with your app's OAuth client_id and secret keys for the basic authentication values. In the request body, set grant_type to client_credentials. When you run the command, PayPal generates and returns an access token.

For information about the request headers, see REST API authentication and headers.

cURL (command line)

With cURL, you use the -u flag: -u client_id:secret to supply the OAuth values.

cURL access token request example

curl -v \
  -H "Accept: application/json" \
  -H "Accept-Language: en_US" \
  -u "EOJ2S-Z6OoN_le_KS1d75wsZ6y0SFdVsY9183IvxFyZp:EClusMEUk8e9ihI7ZdVLF5cZ6y0SFdVsY9183IvxFyZp" \
  -d "grant_type=client_credentials"

Tip: If you use Windows, use a Bash shell to make cURL calls.

When issuing requests with a tool other than cURL, set content-type in the request to application/x-www-form-urlencoded.


  1. Set the method to POST and enter the sandbox endpoint into the request URL field:
  2. Set the Authorization type to Basic Auth and enter the client_id in the Username field and secret in the Password field.
  3. Set the Body to x-www-form-urlencoded and enter grant_type in the key field and client_credentials in the value field.
  4. Click Send.

Sample response


Note: The access token is valid for the number of seconds specified in the expires_in response field. You must have a valid access token to make API requests—request a new token when the current one expires.

Make an API call

With a valid access token in hand, you're ready to make a request to a REST interface. The following call creates a PayPal account payment. The simple request uses the required input fields only.

The access token is an OAuth bearer token and is included in the header of your requests with the following syntax:

Authorization: Bearer Access-Token

For details on authentication, see How PayPal uses OAuth.

Important: You must supply a valid access token to complete this request. Generate a valid token by using the previous example call.

Example PayPal payment request

curl -v \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer Access-Token" \
  -d '{

A successful call returns a confirmation of the transaction with the state set to created. You can also confirm the creation of the PayPal transaction by using the Sandbox Transactions dashboard.

You must complete two additional steps to finalize and capture the PayPal payment. For details about the PayPal payment flow, see PayPal payments .

Additional information