Credit card payments

Use the Payments API to easily and securely accept online and mobile credit card payments. You can enable payers to make credit card payments with only a few clicks, depending on the country.

Note: Some countries restrict direct credit card payments and related features.

PayPal makes it simple to charge credit cards. Just pass the credit card, shipping, and payment information to the Payments REST API.

PCI compliance

All merchants who accept, store, transmit or process any card holder data, regardless of size or number of transactions, must comply with the Payment Card Industry Data Security Standards (PCI DSS).

PCI compliance Description
Handled by PayPal With PayPal's JavaScript buttons or the PayPal iOS SDK, PayPal handles the payment card information on your behalf and so greatly eases the burden of PCI compliance.
Handled by you If you use the PayPal REST APIs to accept credit card payments, you handle card data directly and must ensure that you are PCI compliant.

Note: If you do not want to store credit card information on your servers, you can use the Vault API to store credit card details in the PayPal vault. See store credit card data.

Integration steps

To accept a credit card payment:

1. Required Meet the prerequisites.
2. Required Create credit card payment.

Prerequisites

  1. Get an access token.

    To get an access token, you must create a PayPal app. When you create an app, PayPal generates a set of OAuth client_id and secret keys for your app for both the sandbox and live environments. Then, to get an access token, you pass the client_id:secret credentials in the Authorization header in a get access token request. The authorization server issues an access token in exchange for your client ID and secret credentials. You use the access token for authentication when you make REST API requests.

    For more information, see make your first call. If you are a non-US developer, see International Developer Questions. You can use your sandbox access token to try any of the code in the REST API reference.

    Each API response includes HATEOAS links that enable you to construct a payment flow.

  2. To receive payments in a currency that you do not hold, first configure your Payment Receiving Preferences in your PayPal account. Otherwise, your payment status might be pending until you manually approve the payment in your PayPal account.

  3. To receive guest checkout payments, which allow credit cards, enable the PayPal Account Optional option in your account settings. The path to this option for US accounts is:

    Profile > My selling tools > Website preferences > PayPal Account Optional

  4. To test payments, create test buyer and merchant accounts in the PayPal sandbox. To create a test buyer account, select the Personal account type. To create a test merchant account, select the Business account type. See create sandbox accounts.

Create credit card payment

This sample request makes a direct credit card payment with only the required fields.

Important: Include an access token in the Authorization header. For more information about credentials and authorization, see make your first call.

curl -v https://api.sandbox.paypal.com/v1/payments/payment \
  -H "Content-Type:application/json" \
  -H "Authorization: Bearer Access-Token" \
  -d '{
  "intent": "sale",
  "payer": {
    "payment_method": "credit_card",
    "funding_instruments": [{
      "credit_card": {
        "number": "4417119669820331",
        "type": "visa",
        "expire_month": 11,
        "expire_year": 2018,
        "cvv2": "874",
        "first_name": "Betsy",
        "last_name": "Buyer",
        "billing_address": {
          "line1": "111 First Street",
          "city": "Saratoga",
          "state": "CA",
          "postal_code": "95070",
          "country_code": "US"
        }
      }
    }]
  },
  "transactions": [{
    "amount": {
      "total": "7.47",
      "currency": "USD",
      "details": {
        "subtotal": "7.41",
        "tax": "0.03",
        "shipping": "0.03"
      }
    },
    "description": "The payment transaction description."
  }]
}'

Note: For sandbox calls, you can use the credit card numbers provided in your sandbox accounts.

A successful call returns payment details.

These details include the PayPal-generated ID for the payment, the date and time when the payment was created, the payment state, which for credit card payments is approved, payer information, and transaction information.

The transaction information includes related resources, which is an array of the financial transactions that are related to the payment.

The related resources include sales, authorizations, captures, and refunds. To get information about a resource, use the ID returned for that resource. For example, to show details for a related authorization, use the ID returned in the authorization object. You can also use the HATEOAS links for a related resource to complete operations for that resource. For example, a sale object provides a refund link that enables you to refund the sale.

{
  "id": "PAY-17S8410768582940NKEE66EQ",
  "create_time": "2013-01-31T04:12:02Z",
  "update_time": "2013-01-31T04:12:04Z",
  "state": "approved",
  "intent": "sale",
  "payer": {
    "payment_method": "credit_card",
    "funding_instruments": [{
      "credit_card": {
        "type": "visa",
        "number": "xxxxxxxxxxxx0331",
        "expire_month": 11,
        "expire_year": 2018,
        "first_name": "Betsy",
        "last_name": "Buyer",
        "billing_address": {
          "line1": "111 First Street",
          "city": "Saratoga",
          "state": "CA",
          "postal_code": "95070",
          "country_code": "US"
        }
      }
    }]
  },
  "transactions": [{
    "amount": {
      "total": "7.47",
      "currency": "USD",
      "details": {
        "tax": "0.03",
        "shipping": "0.03"
      }
    },
    "description": "The payment transaction description.",
    "related_resources": [{
      "sale": {
        "id": "4RR959492F879224U",
        "create_time": "2013-01-31T04:12:02Z",
        "update_time": "2013-01-31T04:12:04Z",
        "state": "completed",
        "amount": {
          "total": "7.47",
          "currency": "USD"
        },
        "parent_payment": "PAY-17S8410768582940NKEE66EQ",
        "links": [{
          "href": "https://api.paypal.com/v1/payments/sale/4RR959492F879224U",
          "rel": "self",
          "method": "GET"
        }, {
          "href": "https://api.paypal.com/v1/payments/sale/4RR959492F879224U/refund",
          "rel": "refund",
          "method": "POST"
        }, {
          "href": "https://api.paypal.com/v1/payments/payment/PAY-17S8410768582940NKEE66EQ",
          "rel": "parent_payment",
          "method": "GET"
        }]
      }
    }]
  }],
  "links": [{
    "href": "https://api.paypal.com/v1/payments/payment/PAY-17S8410768582940NKEE66EQ",
    "rel": "self",
    "method": "GET"
  }]
}

Next

A sale is a completed payment. You can use the payment ID to show sale details and refund a sale.

Then, learn how to authorize payments that you can capture later.

Additional information