Build onboarding into your software

SDKCurrent


We've made changes to this page and its layout to improve the developer experience

Let us know what you think of the updated documentation by selecting the feedback tab below.

How it works

Set up your software package to onboard sellers with PayPal if you create a downloadable ecommerce software package for sellers.

A seller signs up with PayPal with a signup link embedded in your software package. After the seller completes signup, PayPal shares the seller’s REST API credentials with the software package. Use the seller’s API credentials to make the API calls to PayPal.

This integration only includes cart capabilities. It does not include other features such as a Platform Fee, Delayed Disbursement, Partner Reporting, or the Disputes API.

Note: Build onboarding into software will not work with Onboarding after payment. You cannot use this integration if you want to onboard sellers after payment. Onboarding after payment only supports 3rd party-hosted SaaS platform in which you are the 3rd party that is allowed to facilitate payments on behalf of the sellers.

Know before you code

Required

To use this integration, you must:

  • Be an approved partner.
  • Have an access token
  • Inform your sellers of PayPal's Seller Protection policy, so they are aware of use cases that invalidate that protection, such as shipping to an address other than the one in the transaction confirmation.
Get access token
Required

This integration uses the Partner Referrals API:

  • The payment features available to your sellers vary by the type of onboarding you choose. See onboarding options for more information.
  • Use Postman to explore and test PayPal APIs.
Run in PostmanSee Partner Referrals API

1. Generate signup link

Call the Partner Referrals API to generate a link that redirects your sellers to sign up with PayPal. Pass your seller’s information during the API call to pre-fill the PayPal signup form with your seller’s information.

Modify the sample request

1curl -v -X POST https://api-m.sandbox.paypal.com/v2/customer/partner-referrals \
2 -H "Content-Type: application/json" \
3 -H "Authorization: Bearer ACCESS-TOKEN" \
4 -d '{
5 "operations": [
6 {
7 "operation": "API_INTEGRATION",
8 "api_integration_preference": {
9 "rest_api_integration": {
10 "integration_method": "PAYPAL",
11 "integration_type": "FIRST_PARTY",
12 "first_party_details": {
13 "features": [
14 "PAYMENT",
15 "REFUND"
16 ],
17 "seller_nonce": "SELLER-SINGLE-USE-TOKEN"
18 }
19 }
20 }
21 }
22 ],
23 "products": [
24 "EXPRESS_CHECKOUT"
25 ],
26 "legal_consents": [
27 {
28 "type": "SHARE_DATA_CONSENT",
29 "granted": true
30 }
31 ]
32}'

Copy the sample request above and modify it as follows:

  • Change ACCESS-TOKEN to your access token.
  • Change PRODUCTS to a value from the products array. The products array value determines the type of payment your seller can accept. Express Checkout includes the PayPal button, debit and credit cards, PayPal Credit, and alternative payment methods. PPCP includes the PayPal button and advanced credit and debit cards.
  • Change SELLER-SINGLE-USE-TOKEN to a one-time string to identify the seller. Create a random string between 43-128 bytes in length using only letters, numbers, dashes and underscores.

Sample response

1{
2 "links": [
3 {
4 "href": "https://api-m.sandbox.paypal.com/v2/customer/partner-referrals/NDZlMjQ1YTItMGQwNi00ZjlkLWJjNmYtYjcwODNiMWEzOTk0c203SWFJeU9NQ3gvcDEvbUVaS21rWFAvSWdlV1JKWktGRGxPUFA1MEZtUT12Mg==",
5 "rel": "self",
6 "method": "GET",
7 "description": "Read Referral Data shared by the Caller."
8 },
9 {
10 "href": "https://www.sandbox.paypal.com/us/merchantsignup/partner/onboardingentry?token=NDZlMjQ1YTItMGQwNi00ZjlkLWJjNmYtYjcwODNiMWEzOTk0c203SWFJeU9NQ3gvcDEvbUVaS21rWFAvSWdlV1JKWktGRGxPUFA1MEZtUT12Mg==",
11 "rel": "action_url",
12 "method": "GET",
13 "description": "Target WEB REDIRECT URL for the next action. Customer should be redirected to this URL in the browser."
14 }
15 ]
16}

A successful request results in the following:

  • A return status code of HTTP 201 Created.
  • A HATEOAS self link. Make a GET request to this link to retrieve the referral data and to reinitialize the action_url.
  • A HATEOAS action_url link. Place this link in a button or link tag to redirect your sellers to sign up with PayPal. The action_url expires after its first use. Get another link by making a GET request to the self link or by calling the Partner Referrals API again.

Note: If you make a GET call to the Partner Referrals API, the response returns only user data you have passed in about the seller and not any data the seller might have provided on paypal.com.

2. Embed signup link

Use the following code and the action_url to redirect your seller to signup with PayPal

1<script>
2 function onboardedCallback(authCode, sharedId) {
3 fetch('/seller-server/login-seller', {
4 method: 'POST',
5 headers: {
6 'content-type': 'application/json'
7 },
8 body: JSON.stringify({
9 authCode: authCode,
10 sharedId: sharedId
11 })
12 }).then(function(res) {
13 if (!res.ok) {
14 alert("Something went wrong!");
15 }
16 });
17 }
18</script>
19<a target="_blank" data-paypal-onboard-complete="onboardedCallback" href="<Action-URL>&displayMode=minibrowser" data-paypal-button="true">Sign up for PayPal</a>
20<script id="paypal-js" src="https://www.sandbox.paypal.com/webapps/merchantboarding/js/lib/lightbox/partner.js"></script>

After the seller completes onboarding, pass a callback in the data-paypal-onboard-complete attribute. In response to this callback, PayPal returns an authCode and sharedID, which are required to get a seller access token.

In this example, the onboardedCallback function passed to the data-paypal-onboard-complete attribute sends the authCode and sharedId to the seller’s server.

Note: This code sample renders the PayPal sign-up flow in a minibrowser by setting the displayMode query parameter to minibrowser. Minibrowsers must conform to postMessage requirements.

3. Redirect seller to a return URL

When your seller completes the sign-up flow, they are shown a button that redirects them to the return URL you specified in the partner_config_override/return_url field of the Partner Referrals API.

If you didn’t specify a return URL in your API call, then the button redirects the seller to the return URL set on your account. Work with your account manager to set a return URL. If you don’t set a return URL on your account, then the button sends the seller to the PayPal dashboard for their account.

1https://<var><Return-URL></var>?merchantIdInPayPal=<var><Merchant-ID-In-PayPal></var>&permissionsGranted=false&accountStatus=BUSINESS_ACCOUNT&consentStatus=false&productIntentID=addipmt&isEmailConfirmed=true&returnMessage=To%20start%20accepting%20payments,%20please%20log%20in%20to%20PayPal%20and%20finish%20signing%20up.

During the redirect, PayPal loads the return URL in your seller’s browser and attaches the following query parameters:

ParameterDescription
merchantIdInPayPalThe merchant ID of your seller's PayPal account.
permissionsGrantedThis parameter is set to false.
accountStatusIndicates what kind of account was created. For example, BUSINESS_ACCOUNT if a business account was created.
consentStatusThis parameter is set to false.
productIntentIDIt is set to addipmt.
isEmailConfirmedA Boolean indicating whether the seller has confirmed their email with PayPal.
returnMessageA message containing next steps for the seller to take with PayPal.

4. Get seller access token

When your seller completes the sign-up flow, PayPal returns an authCode and sharedId to your seller’s browser. Use the authCode and sharedId to get the seller’s access token. Then, use this access token to get the seller’s REST API credentials.

Sample request

Use the following code to get the seller’s access token:

  1. cURL
  2. node
1curl -X POST https://api-m.sandbox.paypal.com/v1/oauth2/token
2-u SHARED-ID:
3-d 'grant_type=authorization_code&code=AUTH-CODE&code_verifier=SELLER-TOKEN'

Sample response

1{
2 "scope": "https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/payments/refund https://uri.paypal.com/services/applications/webhooks",
3 "access_token": "A23AAHclqoiifoeiP9H4jLNZ7OJjcPlvdANa3UoJ2Zq5qn_kg-Mf9eaV_gW8X2H4a3cXYc4jwnwcLukxiST4SkPesqAw-rn5Q",
4 "token_type": "Bearer",
5 "expires_in": 28799,
6 "refresh_token": "R23AAG9SXLtr70FIgRGYWzFeon5pA8lwC6cX7F9pvK4db83uxptI5AuTw8jao55NowN5M37_1SBjvZ5kKAhoxZ4GtT1GacZEN5zdZP0AFjKU4N0-KYY6RYEk0rU4XW7D0878W54SYfbmE5pNHPnrA",
7 "nonce": "2020-02-05T15:43:54ZiBnhkZ7DMRJpzXd_AhUCfHgT2fPBWicqo1r7A2zbAj8"
8}

Note: Only use the seller’s access token returned by grant_type=authorization_code. For all other REST API calls that require an access token, use your access token.

5. Get seller REST API credentials

Use your seller’s REST API credentials to process payments and handle refunds. Get seller REST API credentials using the seller’s access token.

Modify the sample request

Copy the sample request and change SELLER-ACCESS-TOKEN to the seller’s access token.

1curl -X GET https://api-m.sandbox.paypal.com/v1/customer/partners/PARTNER-MERCHANT-ID/merchant-integrations/credentials/ \
2 -H 'Authorization: Bearer SELLER-ACCESS-TOKEN' \
3 -H 'Content-Type: application/json'

The partner_merchant_id is the merchant ID of your PayPal account.

To find the merchant ID of your PayPal account, log in to your PayPal account at paypal.com. Hover over your name or profile icon on the top right, select Account Settings > Business information, and look for PayPal Merchant ID.

To find the merchant ID of your sandbox account, follow the same instructions on sandbox.paypal.com.

Sample response

1{
2 "client_id": "Ab27r3fkrQezHdcPrn2b2SYzPEldXx2dWgv76btVfI-eYF8KRAd2WxXAZyb0ETygSNeHBthzlxjlQ_qw",
3 "client_secret": "EAcTvpnDHZf4icl_2MPnt2gRpOxHVtaQJChWU3PrRbYR4uyvUXV6h4DWQjm7XOfdnk_OrEEWdxY2eUG3",
4 "payer_id": "CG5RZJV4NR5P4"
5}

Next steps

Recommended
Accept payments

Integrate your payment solution.