Capture and instant transfer

DocsCurrent

Last updated: Oct 30th, 1:11pm

Use this integration to capture money from your buyers and move it to your sellers instantly.

Know before you code

To use this integration you must:

Contact us to be an approved partner.

Onboard merchants before you begin this integration.

Inform your merchants of PayPal's Seller Protection policy, so they are aware of use cases that invalidate that protection, such as shipping to an address other than the one in the transaction confirmation.

Note: This server-side integration uses the Orders REST API for this server-side integration. You’ll need to set intent to capture in the create order call for this feature to work.

Generate PayPal-Auth-Assertion header

You’ll need to Pass the PayPal-Auth-Assertionheader with the standard Content-Type, Authorization, and PayPal-Request-ID headers. In client-side JavaScript, the value of the PayPal-Auth-Assertion header can be generated as follows:

1// client-side JavaScript
2
3
4function encodeObjectToBase64(object) {
5  const objectString = JSON.stringify(object);
6  return window.btoa(objectString);
7}
8
9
10const clientId = "CLIENT-ID";
11const sellerPayerId = "SELLER-PAYER-ID"; // preferred
12// const sellerEmail = "SELLER-ACCOUNT-EMAIL"; // use instead of payer-id if required
13
14
15const header = {
16  alg: "none"
17};
18const encodedHeader = encodeObjectToBase64(header);
19
20
21const payload = {
22  iss: clientId,
23  payer_id: sellerPayerId
24  // email: sellerEmail
25};
26const encodedPayload = encodeObjectToBase64(payload);
27
28
29const jwt = `${encodedHeader}.${encodedPayload}.`; // json web token
30console.log(`Paypal-Auth-Assertion=${jwt}`);

Note: The token contains two period (.) characters, which are required according to the JSON web token structure.

Modify the code

Use the client ID of the platform or marketplace from the PayPal Developer dashboard for clientId.
In the given example, the sellerPayerId is the payer ID of the receiving seller's PayPal account. You can also use email instead of payer_id and supply the email address of the seller's PayPal account.

Example functions to generate the PayPal-Auth-Assertion header in other programming environments:

Node.js

1// Node.js
2
3
4          function encodeObjectToBase64(object) {
5            const objectString = JSON.stringify(object);
6            return Buffer
7              .from(objectString)
8              .toString("base64");
9          }
10
11
12          const clientId = "CLIENT-ID";
13          const sellerPayerId = "SELLER-PAYER-ID"; // preferred
14          // const sellerEmail = "SELLER-ACCOUNT-EMAIL"; // use instead if payer-id unknown
15
16
17          const header = {
18            alg: "none"
19          };
20          const encodedHeader = encodeObjectToBase64(header);
21
22
23          const payload = {
24            iss: clientId,
25            payer_id: sellerPayerId
26            // email: sellerEmail
27          };
28          const encodedPayload = encodeObjectToBase64(payload);
29
30
31          const jwt = `${encodedHeader}.${encodedPayload}.`; // json web token
32          console.log(`Paypal-Auth-Assertion=${jwt}`);

Java

1// Java
2
3
4import org.apache.commons.codec.binary.Base64;
5
6
7public class Base64Encode {
8
9
10  public static void main(String[] args) {
11    String clientId = "CLIENT-ID";
12    String sellerPayerId = "SELLER-PAYER-ID"; // preferred
13    // String sellerEmail = "SELLER-ACCOUNT-EMAIL"; // use instead if payer-id unknown
14
15
16    String header = "{\"alg\":\"none\"}";
17    String payload =
18      "{\"iss\":\"" + clientId + "\",\"payer_id\":\"" + sellerPayerId + "\"}";
19    // "{"iss":"" + clientId + "","email":"" + sellerEmail + ""}";
20
21
22    byte[] encodedHeader = Base64.encodeBase64(header.getBytes());
23    byte[] encodedPayload = Base64.encodeBase64(payload.getBytes());
24
25
26    String jwt = new String(encodedHeader) +
27      "." +
28      new String(encodedPayload) +
29      "."; // json web token
30    System.out.println("Paypal-Auth-Assertion=" + jwt);
31  }
32}

Create order

You must first create an order and capture funds. To create an order, copy the following code and modify as follows:

Replace BN-CODE with your PayPal attribution ID
Replace PAYPAL-AUTH-ASSERTION with your PayPal auth assertion generated from Step 1.
Use the purchase_units/payee object to specify the end receiver of the funds.
Set the purchase_units/payment_instruction/disbursement_mode field to `DELAYED`.
Use the purchase_units/payment_instruction/platform_fees array to specify fees for the order. To use this array, ensure that the merchants are onboarded with the Platform Fee feature enabled for your app. On the app settings page of your app, you can configure specific features. To configure your app to include PARTNER_FEE, from the developer dashboard, navigate to your app settings page and toggle Platform Fee to select the feature.

Sample request - cURL

1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders
2-H 'Content-Type: application/json' -H 'Authorization: Bearer ACCESS-TOKEN'
3-H 'PayPal-Partner-Attribution-Id: BN-CODE'
4-H 'PayPal-Auth-Assertion: PAYPAL-AUTH-ASSERTION'
5-d '{
6"intent":"CAPTURE",
7"purchase_units":[
8{
9"amount":{
10"currency_code":"USD",
11"value":"100.00"
12},
13"payment_instruction":{
14"disbursement_mode":"INSTANT",
15"platform_fees":[
16{
17"amount":{
18"currency_code":"USD",
19"value":"25.00"
20}
21}
22]
23}
24}
25]
26}

Sample request - Node

1var express =require('express');
2var request =require('request');
3express().post('/my-server/create-order',function(req, res){
4	request.post('https://api-m.sandbox.paypal.com/v2/checkout/orders',{
5headers:{
6"Content-Type":"application/json",
7"Authorization":"Bearer ACCESS-TOKEN",
8"PayPal-Partner-Attribution-Id":"BN-CODE",
9"PayPal-Auth-Assertion":"PAYPAL-AUTH-ASSERTION"
10},
11body:{
12"intent":"CAPTURE",
13"purchase_units":[{
14"amount":{
15"currency_code":"USD",
16"value":"100.00"
17},
18"payment_instruction":{
19"disbursement_mode":"INSTANT",
20"platform_fees":[{
21"amount":{
22"currency_code":"USD",
23"value":"25.00"
24}
25}]
26}
27}],
28},
29json:true
30},function(err, response, body){
31if(err){
32console.error(err);
33return res.sendStatus(500);
34}
35		res.json({
36id: body.id
37});
38});
39});

Capture order

After your buyer approves the order, call capture order to capture the buyer’s funds.

Copy the following code and modify as follows:

Replace ACCESS-TOKEN with your access token.
Replace BN-CODE with your PayPal partner attribution ID.
Replace PAYPAL-AUTH-ASSERTION with your PayPal auth assertion generated from Step 1.

Sample request - cURL

1curl -v -k -X POST https://api-m.paypal.com/v2/checkout/orders/5O190127TN364715T/capture
2-H 'Content-Type: application/json'
3-H 'Authorization: Bearer ACCESS-TOKEN'
4-H 'PayPal-Partner-Attribution-Id: BN-CODE'
5-H 'PayPal-Auth-Assertion: PAYPAL-AUTH-ASSERTION'
6-d '{}'

Sample request - Node

1var express = require('express');
2var request = require('request');
3express().post('/my-server/handle-approve/:id', function(req, res) {
4	var OrderID = req.params.id;
5	request.post('https://api-m.sandbox.paypal.com/v2/checkout/orders/' + OrderID + '/capture', {
6		headers: {
7			"Content-Type": "application/json",
8			"Authorization": "Bearer ACCESS-TOKEN",
9			"PayPal-Partner-Attribution-Id": "BN-CODE",
10			"PayPal-Auth-Assertion": "PAYPAL-AUTH-ASSERTION"
11		}
12	}, function(err, response, body) {
13		if (err) {
14			console.error(err);
15			return res.sendStatus(500);
16		}
17		res.json({
18			status: 'success'
19		});
20	});
21});

Note: Orders cannot be captured until the status of the order is set to APPROVED. The order status is set to APPROVED when the buyer successfully completes the checkout flow.

Show order details

To see your order details, pass the order ID as a path parameter in a show order details call.

Copy the following code and modify as follows:

Replace ACCESS-TOKEN with your access token.
Replace BN-CODE with your PayPal partner attribution ID.
Replace PAYPAL-AUTH-ASSERTION with your PayPal auth assertion generated from Step 1.

Sample request - cURL

1curl -v -X GET https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T
2-H "Content-Type: application/json"
3-H 'Authorization: Bearer ACCESS-TOKEN'
4-H 'PayPal-Partner-Attribution-Id: BN-CODE'
5-H 'PayPal-Auth-Assertion: PAYPAL-AUTH-ASSERTION'

Sample request - Node

1var http = require("https");
2var options = {
3	"method": "GET",
4	"hostname": "api-m.sandbox.paypal.com",
5	"port": null,
6	"path": "/v2/checkout/orders/5O190127TN364715T",
7	"headers": {
8		"Content-Type": "application/json",
9		"Authorization": "Bearer ACCESS-TOKEN",
10		"PayPal-Partner-Attribution-Id": "BN-CODE",
11		"PayPal-Auth-Assertion": "PAYPAL-AUTH-ASSERTION"
12	}
13};
14var req = http.request(options, function(res) {
15	var chunks = [];
16	res.on("data", function(chunk) {
17		chunks.push(chunk);
18	});
19	res.on("end", function() {
20		var body = Buffer.concat(chunks);
21		console.log(body.toString());
22	});
23});
24req.end();

Next Steps

Integration Checklist

Go through the integration checklist before you go live.