Test in sandbox

DocsCURRENT

Last updated: Nov 21st, 6:23am

You can test account update errors in the sandbox. If you want to understand the response if you updated an account without adding a required data point, exclude the data point from your update calls.

The default state for updating bank accounts in the sandbox is a happy path because we cannot verify test data. To test negative scenarios, use a simulation keyword for the specific use case, as shown in the following examples.

Refer to the process flow in Update merchant information for sandbox testing.

Incorrect business information

Use case scenario: Update an account that previously completed KYC verification with incorrect merchant name or business information.

Simulation code: The business_name in the patch must be DECLINED.

1[
2    {
3        "op": "replace",
4        "path": "/business_entity/names/@id=='S7S37669QZ2BN'",
5        "value": {
6            "business_name": "DECLINED",
7            "type": "LEGAL"
8        }
9    }
10]

Incorrect primary authorized user name

Use case: Update a sole proprietor account that has already completed KYC verification with an incorrect primary authorized name.

Simulation code:

The given_name for the primary authorized user (individual_owners) must contain the word "DECLINED" (e.g., DECLINEDDAVID).

The surname for the primary authorized user (individual_owners) must be "DECLINED".

1[
2    {
3        "op": "replace",
4        "path": "/individual_owners/@id=='{{account_id}}'/names/@id=='HMWK8QBM8V5W'",
5        "value": {
6            "given_name": "James DECLINED",
7            "surname": "DECLINED",
8            "type": "LEGAL"
9        }
10    }
11]

Incorrect beneficial owner

Use case scenario: Update a merchant account with an incorrect beneficial owner name.

Simulation code: The given_name and surname for the beneficial owner (office_bearers or beneficial_owners) must be "DECLINED".

Office bearers
Beneficial owners

1[  
2    {  
3        "op":"replace",
4         "path":"/business_entity/office_bearers/individuals/@id=='{{ob_id}}'/names",
5         "value": [{
6             "type": "LEGAL",
7             "given_name": "Another DECLINED",
8              "surname": "DECLINED"
9          }]
10     }
11]

Incorrect beneficial owner address

Use case scenario: Update a merchant account with incorrect beneficial owner or office bearer address.

Simulation code: For stakeholders (office_bearers or beneficial_owners):

address_line_1 must be Campus 611

address_line_2 must be 300

admin_area_2 must be 300

Office bearers
Beneficial owners

1[
2  {
3    "op": "replace",
4    "path": "/business_entity/office_bearers/individuals/@id=='{{ob_id}}'/addresses",
5    "value": [
6      {
7        "type": "HOME",
8        "address_line_1": "Campus 611",
9        "address_line_1": "300"
10        "admin_area_2": "300",
11        "postal_code": "12345",
12        "country_code": "US"
13      }
14    ]
15  }
16]

Incorrect business name and beneficial owner name

Use case scenario: Update a merchant account with an incorrect business name and beneficial owner name.

Simulation code:

The business_name must be "DECLINED".

The given_name and surname for the beneficial owner (office_bearers or beneficial_owners) must be "DECLINED".

1[
2    {
3        "op": "replace",
4        "path": "/business_entity/names/@id=='S7S37669QZ2BN'",
5        "value": {
6            "business_name": "DECLINED",
7            "type": "LEGAL"
8        }
9    },
10    {  
11        "op":"replace",
12         "path":"/business_entity/beneficial_owners/individuals/@id=='{{bo_id}}'/names",
13         "value": [{
14             "type": "LEGAL",
15             "given_name": "Another DECLINED",
16             "surname": "DECLINED"
17          }]
18     }
19]

Incorrect beneficial owner address and primary authorized user information

Use case scenario: Update a merchant account with an incorrect beneficial owner address, incorrect primary authorized user information, and missing primary authorized user information.

Simulation code:

The given_name for the primary authorized user (individual_owners) must contain the word "DECLINED".

The given_name and surname for the beneficial owner(office_bearers or beneficial_owners) must be "DECLINED".

Do not include a required data point for a primary authorized user. In this example, we exclude the date of birth.

1[
2    {
3        "op": "replace",
4        "path": "/individual_owners/@id=='{{account_id}}'/names/@id=='HMWK8QBM8V5W'",
5        "value": {
6            "given_name": "James DECLINED",
7            "surname": "Collins",
8            "type": "LEGAL"
9        }
10    },
11    {  
12        "op":"replace",
13         "path":"/business_entity/beneficial_owners/individuals/@id=='{{bo_id}}'/names",
14         "value": [{
15             "type": "LEGAL",
16             "given_name": "Another DECLINED",
17             "surname": "DECLINED"
18          }]
19     }
20]

Simulate limitations in sandbox

Use case scenario: Update a key value on the merchant account and trigger a re-verification failure. The system will apply a limitation after 30 days.

You don't have to wait 30 days to verify the limitation. Instead, you can complete the following steps to advance all the limitation counters on a merchant account:

Use the PATCH API with an add operation and a single email object.

Use this specific format for the email address you use for the PATCH request, paypaltimetravel.x@domain.com where x represents the number of days you want to simulate. For example, if you want to simulate 30 days passing, you would set x = 30. The email should end with a valid domain.

When processed, the PATCH request advances the counter, but the email address is not stored and does not affect the account.

Simulation code:

Create a sole proprietor account using keywords that fail verification.

Edit the account with keywords that trigger a failed re-verification. For example, change the given name of the primary authorized user (individual_owners) to DECLINEDDAVID and the surname to DECLINED.

After PayPal creates the merchant account and sends webhooks about the status change, complet a GET request to confirm that a limitation is placed on the account. Now, use the PATCH API to add the email address paypaltimetravel.30@paypal.com to the account.

Note: Do not combine the passage of time simulation with other operations in the same PATCH request. For example, you cannot add an email address and phone number in the same request.

1[
2    {
3        "op": "add",
4        "path": "/individual_owners/@id=='{id}'/emails/-",
5        "value": {
6            "email": "paypaltimetravel.30@paypal.com"
7        }
8    }
9]

Next steps:

When you receive an account status updated webhook, complete a GET request to confirm that all transactions and withdrawals are blocked.

Test in sandbox

Incorrect business information

Incorrect primary authorized user name

Incorrect beneficial owner

Incorrect beneficial owner address

Incorrect business name and beneficial owner name

Incorrect beneficial owner address and primary authorized user information

Simulate limitations in sandbox

If you accept cookies, we’ll use them to improve and customize your experience and enable our partners to show you personalized PayPal ads when you visit other sites. Manage cookies and learn more