Save PayPal with the Orders API
Last updated: Oct 25th, 8:13pm
After customers save their PayPal Wallet, they can select it for faster checkout. Customers won't have to enter payment details for future transactions.
You can use the Orders API to create a transaction and then save the payer's PayPal Wallet.
Save PayPal with the Orders API if you haven't integrated with a PayPal client-side JavaScript SDK, but want to save the payer's PayPal Wallet during checkout.
Availability
Supported counteries
- Australia
- Austria
- Belgium
- Bulgaria
- Canada
- China
- Cyprus
- Czech Republic
- Denmark
- Estonia
- Finland
- France
- Germany
- Hong Kong
- Hungary
- Ireland
- Italy
- Japan
- Latvia
- Liechtenstein
- Lithuania
- Luxembourg
- Malta
- Netherlands
- Norway
- Poland
- Portugal
- Romania
- Singapore
- Slovakia
- Slovenia
- Spain
- Sweden
- United Kingdom
- United States
Know before you code
- The Orders API supports saving PayPal and card payment methods only.
- You must be approved to enable a reference transaction if you want to save PayPal as a payment source. Contact your account manager for details.
How it works
When a payer on your website saves their payment method, PayPal creates a customer record. PayPal then encrypts the payment method information and stores it in a digital vault. The vault is accessible only by the billing agreement holder.
- The payer saves their payment method.
- For a first-time payer, PayPal creates a customer ID. Store this within your system for future use.
- Pass a call into the Orders API. Include the payment method, customer ID, and an indication that the payment method should be saved.
- If the order is processed and the payment method is saved, you receive a payment method token in the Orders API response.
- Pass the payment method token into the Orders API to populate the checkout page with the saved payment method.
The checkout process is now shorter because it uses saved payment information.
Server side
Set up your server to call the Create Order API. The button that the payer selects determines the payment_source
sent in the following sample. In the following sample, the payment_source
for future use by the payer.
The merchant_customer_id
is an optional field that can be used to store your customer identifier information in PayPal. After a successful payment capture, the API response will return the merchant_customer_id
information.
Create order and save payment
Platform
- Request
- Response
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/ \2 -H "Content-Type: application/json" \3 -H "Authorization: Bearer ACCESS-TOKEN" \4 -H 'PayPal-Partner-Attribution-ID: BN-CODE' \5 -H "PayPal-Request-ID: 1337623214" \6 -d '{7 "intent": "CAPTURE",8 "payment_source": {9 "paypal": {10 "attributes": {11 "customer": {12 "merchant_customer_id": "customer@example.com"13 },14 "vault": {15 "store_in_vault": "ON_SUCCESS",16 "usage_type": "PLATFORM"17 }18 },19 "experience_context": {20 "return_url": "https://example.com/returnUrl",21 "cancel_url": "https://example.com/cancelUrl"22 }23 }24 },25 "purchase_units": [{26 "amount": {27 "currency_code": "USD",28 "value": "100.00"29 },30 "payee": {31 "merchant_id": "MERCHANT-ID"32 }33 }]34 }'
Note the status
of the response. Some payment sources need payer approval before payment. If so, return the id
back to your client to redirect the payer to a flow where they approve the payment method.
Merchant
- Request
- Response
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/ \2-H "Content-Type: application/json" \3-H "Authorization: Bearer ACCESS-TOKEN" \4-H 'PayPal-Auth-Assertion: AUTH-ASSERTION-TOKEN' \5-H 'PayPal-Partner-Attribution-ID: BN-CODE' \6-H "PayPal-Request-ID: 1337623214" \7-d '{8 "intent": "CAPTURE",9 "payment_source": {10 "paypal": {11 "attributes": {12 "customer": {13 "merchant_customer_id": "customer@example.com"14 },15 "vault": {16 "store_in_vault": "ON_SUCCESS",17 "usage_type": "MERCHANT"18 }19 },20 "experience_context": {21 "return_url": "https://example.com/returnUrl",22 "cancel_url": "https://example.com/cancelUrl"23 }24 }25 },26 "purchase_units": [{27 "amount": {28 "currency_code": "USD",29 "value": "100.00"30 }31 }]32}'
Note the status
of the response. Some payment sources need payer approval before payment. If so, return the id
back to your client to redirect the payer to a flow where they approve the payment method.
Payer approval
Call the payer approval flow by redirecting to the "approve"
URL.
Authorize order request
- Platform
- Merchant
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T/authorize \2 -H "Content-Type: application/json" \3 -H "PayPal-Request-ID: 1337623214" \4 -H "Authorization: Bearer ACCESS-TOKEN" \5 -H 'PayPal-Partner-Attribution-ID: BN-CODE' \6 -d '{}'
Capture order request
- Platform
- Merchant
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T/capture \2 -H "Content-Type: application/json" \3 -H "PayPal-Request-ID: 1337623214" \4 -H "Authorization: Bearer ACCESS-TOKEN" \5 -H 'PayPal-Partner-Attribution-ID: BN-CODE' \6 -d '{}'
The HTTP response codes HTTP 2xx
or HTTP 200
are returned for a successful request.
The capture is successful if the purchase_units[0].payments.captures.status
is COMPLETED
. You can confirm with the payer that the payment has been captured.
1{2 {3 "id": "9YF83379T2523751N",4 "status": "COMPLETED",5 "payment_source": {6 "paypal": {7 "email_address": "email@example.com",8 "account_id": "AJM9JTWQJCFTA",9 "name": {10 "given_name": "Firstname",11 "surname": "Lastname"12 },13 "address": {14 "country_code": "US"15 },16 "attributes": {17 "vault": {18 "id": "nkq2y9g",19 "customer": {20 "id": "ROaPMoZUaV",21 "merchant_customer_id": "customer@example.com"22 },23 "status": "VAULTED",24 "links": [{25 "href": "https://api-m.sandbox.paypal.com/v3/vault/payment-tokens/64n9c42",26 "rel": "self",27 "method": "GET"28 },29 {30 "href": "https://api-m.sandbox.paypal.com/v3/vault/payment-tokens/64n9c42",31 "rel": "delete",32 "method": "DELETE"33 },34 {35 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/9YF83379T2523751N",36 "rel": "up",37 "method": "GET"38 }39 ]40 }41 }42 }43 },44 "purchase_units": [{45 "reference_id": "default",46 "shipping": {47 "name": {48 "full_name": "Firstname Lastname"49 },50 "address": {51 "address_line_1": "1 Main St",52 "admin_area_2": "San Jose",53 "admin_area_1": "CA",54 "postal_code": "95131",55 "country_code": "US"56 }57 },58 "payments": {59 "captures": [{60 "id": "9LY87817BF120310A",61 "status": "COMPLETED",62 "amount": {63 "currency_code": "USD",64 "value": "100.00"65 },66 "final_capture": true,67 "seller_protection": {68 "status": "ELIGIBLE",69 "dispute_categories": [70 "ITEM_NOT_RECEIVED",71 "UNAUTHORIZED_TRANSACTION"72 ]73 },74 "seller_receivable_breakdown": {75 "gross_amount": {76 "currency_code": "USD",77 "value": "100.00"78 },79 "paypal_fee": {80 "currency_code": "USD",81 "value": "3.98"82 },83 "net_amount": {84 "currency_code": "USD",85 "value": "96.02"86 }87 },88 "links": [{89 "href": "https://api-m.sandbox.paypal.com/v2/payments/captures/9LY87817BF120310A",90 "rel": "self",91 "method": "GET"92 },93 {94 "href": "https://api-m.sandbox.paypal.com/v2/payments/captures/9LY87817BF120310A/refund",95 "rel": "refund",96 "method": "POST"97 },98 {99 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/9YF83379T2523751N",100 "rel": "up",101 "method": "GET"102 }103 ],104 "create_time": "2022-08-12T18:16:42Z",105 "update_time": "2022-08-12T18:16:42Z"106 }]107 }108 }],109 "payer": {110 "name": {111 "given_name": "Firstname",112 "surname": "Lastname"113 },114 "email_address": "email@example.com",115 "payer_id": "AJM9JTWQJCFTA",116 "address": {117 "country_code": "US"118 }119 },120 "links": [{121 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/9YF83379T2523751N",122 "rel": "self",123 "method": "GET"124 }]125 }
In the response from the authorize or capture request, the Orders v2 API interacts with the Vault v3 API. The Vault v3 API allows a PayPal wallet to be saved. The response from the Orders v2 API contains the:
vault.id
vault.status
- links for the payment token of a recently vaulted PayPal Wallet.
Check Orders API response
Saving a payment source doesn't require the payer to be present after the payment has been authorized or captured. To keep checkout times as short as possible for payers, the Orders API returns a response as soon as a payment is captured.
Payment may be authorized or captured and a successful response returned from the Orders API without the provided payment_source
being saved. In this scenario, the response returns the attributes.vault.status
as "APPROVED"
, instead of "VAULTED"
.
An example of the attributes
object from this scenario is included in the following sample:
1"attributes": {2 "vault": {3 "status": "APPROVED",4 "links": [5 {6 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T",7 "rel": "up",8 "method": "GET"9 }10 ]11 }12 }
Webhooks for saving payment methods
You can configure and subscribe to the VAULT.PAYMENT-TOKEN.CREATED
webhook, which is generated when saving payment methods with the Orders API.
You'll receive a vault_id
when an APPROVED
status is returned.
Event | Trigger | Payment methods |
---|---|---|
VAULT.PAYMENT-TOKEN.CREATED |
A payment token is created to save a payment method. | Cards and PayPal |
VAULT.PAYMENT-TOKEN.DELETED |
A payment token is deleted. The payer's payment method is no longer saved to the PayPal vault. | Cards and PayPal |
VAULT.PAYMENT-TOKEN.DELETION-INITIATED |
A request to delete a payment token has been submitted to the Payment Method Tokens API. | PayPal |
For more information on webhooks, see webhooks.
Next step
Follow Use payment method token with checkout for subsequent or recurring transactions.