Payment Method Tokens API
Version notice: This API uses /v2/vault endpoints. Vault v3 endpoints are now available in the United States. Payment tokens created with Vault v2 are fully compatible with Vault v3. You can upgrade to v3 at any time.Payment tokens (resource group)
List all payment tokens
Query parameters
pageinteger
page_sizeinteger
sourceenum
The possible values are:
CARD. A payment token that represent a card.PAYPAL. A payment token that represents a PayPal Wallet.
total_requiredboolean
customer_idstring
required
Header parameters
Paypal-Application-Contextstring
Authorizationstring
required
Sample Request
curl -v -X GET https://api-m.sandbox.paypal.com/v2/vault/payment-tokens?customer_id=customer_4029352050 \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"Response
customer_idlinksarray (contains the link_description object)
payment_tokensarray (contains the min_vault_resource object)
total_itemsstring
total_pagesstring
Sample Response
{
"customer_id": "customer_4029352050",
"payment_tokens": [
{
"id": "8kk845",
"status": "CREATED",
"source": {
"card": {
"brand": "VISA",
"last_digits": "1111",
"verification_status": "NOT_VERIFIED"
}
},
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "GET"
},
{
"rel": "delete",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "DELETE"
}
]
},
{
"id": "6km842",
"status": "CREATED",
"source": {
"card": {
"brand": "VISA",
"last_digits": "1234",
"verification_status": "NOT_VERIFIED"
}
},
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/6km842",
"method": "GET"
},
{
"rel": "delete",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/6km842",
"method": "DELETE"
}
]
}
],
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens?customer_id=customer_4029352050&page=1&page_size=5&total_required=false",
"method": "GET"
},
{
"rel": "first",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens?customer_id=customer_4029352050&page=1&page_size=5&total_required=false",
"method": "GET"
},
{
"rel": "last",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens?customer_id=customer_4029352050&page=1&page_size=5&total_required=false",
"method": "GET"
}
]
}Add payment token to vault
Sample Request
curl -v -X POST https://api-m.sandbox.paypal.com/v2/vault/payment-tokens \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token" \
-H "PayPal-Request-ID: b5efbe82-bbad-4bb0-aeeb-bfef5b442e49" \
-d '{
"source": {
"card": {
"number": "4111111111111111",
"expiry": "2020-02",
"name": "John Doe",
"billing_address": {
"address_line_1": "2211 N First Street",
"address_line_2": "17.3.160",
"admin_area_1": "CA",
"admin_area_2": "San Jose",
"postal_code": "95131",
"country_code": "US"
}
}
},
"application_context": {
"brand_name": "YourBrandName",
"locale": "en-US",
"return_url": "https://example.com/returnUrl",
"cancel_url": "https://example.com/cancelUrl"
}
}'Response
customer_ididlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
Sample Response
{
"id": "8kk845",
"customer_id": "customer_4029352050",
"status": "CREATED",
"source": {
"card": {
"brand": "VISA",
"last_digits": "1111",
"verification_status": "NOT_VERIFIED"
}
},
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "GET"
},
{
"rel": "delete",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "DELETE"
}
]
}Delete payment token
Header parameters
Paypal-Application-Contextstring
Authorizationstring
required
Path parameters
idstring
required
Sample Request
curl -v -X DELETE https://api-m.sandbox.paypal.com/v2/vault/payment-tokens/8kk845 \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"Response
Sample Response
204 No ContentShow a payment token
Header parameters
Paypal-Application-Contextstring
Authorizationstring
required
Path parameters
idstring
required
Sample Request
curl -v -X GET https://api-m.sandbox.paypal.com/v2/vault/payment-tokens/8kk845 \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"Response
customer_ididlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
Sample Response
{
"id": "8kk845",
"customer_id": "customer_4029352050",
"status": "CREATED",
"source": {
"card": {
"last_digits": "1111",
"verification_status": "NOT_VERIFIED",
"expiry": "2024-12",
"brand": "VISA",
"billing_address": {
"address_line_1": "2211 N First Street",
"address_line_2": "Building 17",
"admin_area_2": "San Jose",
"admin_area_1": "CA",
"postal_code": "95131",
"country_code": "US"
}
}
},
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "GET"
},
{
"rel": "delete",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "DELETE"
}
]
}Approval tokens (resource group)
Show approval token
Header parameters
Paypal-Application-Contextstring
Authorizationstring
required
Path parameters
idstring
required
Sample Request
curl -v -X GET https://api-m.sandbox.paypal.com/v2/vault/approval-tokens/5C991763VB2781612 \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token"Response
customer_ididstring
linksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.APPROVED. The approval token has been approved by the buyer. The approval token can be confirmed to a payment token using the /confirm-payment-token controller action.CREATED. The payment token has been vaulted.
Sample Response
{
"id": "5C991763VB2781612",
"status": "CUSTOMER_ACTION_REQUIRED",
"customer_id": "4029352050",
"source": {
"card": {
"brand": "VISA",
"last_digits": "1111",
"verification_status": "NOT_VERIFIED"
}
},
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/approval-tokens/5C991763VB2781612",
"method": "GET"
},
{
"href": "https://paypal.com/webapps/helios?action=authenticate&validate_session_id=82cf4a87-5c40-0a27-1a09-4ffbb0d05fdc",
"rel": "approve",
"method": "GET"
},
{
"rel": "confirm",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/5C991763VB2781612/confirm-payment-token",
"method": "POST"
}
]
}Create payment token from approval token
Header parameters
PayPal-Client-Metadata-Idstring
Paypal-Application-Contextstring
Preferstring
Authorizationstring
required
PayPal-Request-Idstring
required
Content-Typestring
Path parameters
idstring
required
Sample Request
curl -v -X POST https://api-m.sandbox.paypal.com/v2/vault/approval-tokens/5C991763VB2781612/confirm-payment-token \
-H "Content-Type: application/json" \
-H "Authorization: Bearer Access-Token" \
-H "PayPal-Request-ID: b5efbe82-bbad-4bb0-aeeb-bfef5b442e49"Response
customer_ididlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
Sample Response
{
"id": "8kk845",
"customer_id": "4029352050",
"status": "CREATED",
"source": {
"card": {
"brand": "VISA",
"last_digits": "1111",
"verification_status": "VERIFIED",
"verification_method": "SCA_WHEN_REQUIRED",
"verification": {
"authorization": {
"network_transaction_id": "20286098380002303",
"verification_time": "2020-10-07T22:44:41.000Z",
"amount": {
"value": "0.00",
"currency_code": "USD"
},
"processor_response": {
"avs_code": "M",
"cvv_code": "P"
}
},
"authentication": {
"three_d_secure": {
"type": "THREE_DS_AUTHENTICATION",
"eci_flag": "FULLY_AUTHENTICATED_TRANSACTION",
"card_brand": "VISA",
"enrolled": "Y",
"pares_status": "Y",
"three_ds_version": "2",
"authentication_type": "DYNAMIC",
"three_ds_server_transaction_id": "3d-secure-txn-id"
}
}
}
}
},
"links": [
{
"rel": "self",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "GET"
},
{
"rel": "delete",
"href": "https://api-m.paypal.com/v2/vault/payment-tokens/8kk845",
"method": "DELETE"
}
]
}Common object definitions
3ds_card_brand
3ds_card_brandenum
The possible values are:
AMERICAN_EXPRESS. Card Brand Amex.DISCOVER. Card Brand DISCOVER.JCB. Card Brand JCB.MAESTRO. Card Brand MAESTRO.MASTERCARD. Card Brand MASTERCARD.SOLO. Card Brand SOLO.VISA. Card Brand VISA.ELECTRON. Card Brand ELECTRON.ELO. Card Brand ELO.
3ds_result
typestring
access_control_server_transaction_idstring
authentication_typecard_brandcavvstring
cavv_algorithmdirectory_server_transaction_idstring
eci_flagenrolledmerchant_namestring
pares_statuspaypal_acquiring_binstring
paypal_acquiring_midstring
signature_verification_statusthree_ds_server_transaction_idstring
three_ds_versionstring
ucaf_indicatorxidstring
account_id
account_idstring
address_details
building_namestring
delivery_servicestring
street_namestring
street_numberstring
street_typestring
sub_buildingstring
address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
address_portable_postal_code_validation
address_portable_postal_code_validation
application_context
brand_namestring
cancel_urlstring
localepayment_method_preferencepermit_multiple_payment_tokensboolean
return_urlstring
shipping_preferenceenum
The possible values are:
GET_FROM_FILE. Use the payer-provided shipping address on the PayPal site.NO_SHIPPING. Redact the shipping address from the PayPal site. Recommended for digital goods.SET_PROVIDED_ADDRESS. Use the merchant/platform-provided address. The payer cannot change this address on the PayPal site. If the merchant does not pass an address, the customer can choose the address on the PayPal site.
vault_on_approvalboolean
application_context.payment_method
payee_preferredenum
The possible values are:
UNRESTRICTED. Accepts any type of payment from the customer.IMMEDIATE_PAYMENT_REQUIRED. Accepts only immediate payment from the customer. For example, credit card, PayPal balance, or instant ACH. Ensures that at the time of capture, the payment does not have the `pending` status.
payer_selectedenum
The possible values are:
PAYPAL_CREDIT. PayPal Credit.PAYPAL. PayPal.
approval_token_resource
customer_ididstring
linksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.APPROVED. The approval token has been approved by the buyer. The approval token can be confirmed to a payment token using the /confirm-payment-token controller action.CREATED. The payment token has been vaulted.
approval_token_status
approval_token_statusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.APPROVED. The approval token has been approved by the buyer. The approval token can be confirmed to a payment token using the /confirm-payment-token controller action.CREATED. The payment token has been vaulted.
authentication_details
three_d_secure
authentication_result_type
typeenum
The possible values are:
THREE_DS_AUTHENTICATION. The card was authenticated using 3D Secure (3DS) authentication scheme.
authentication_type
authentication_typeenum
The possible values are:
STATIC. Indicates fixed password.DYNAMIC. Indicates one-time password. Could be single-step or multi-step.OUT_OF_BAND. Indicates biometric over the phone.DECOUPLED. Indicates decoupled authentication.
authorization_details.processor_response
avs_codeenum
The possible values are:
A. For Visa, Mastercard, or Discover transactions, the address matches but the zip code does not match. For American Express transactions, the card holder address is correct.B. For Visa, Mastercard, or Discover transactions, the address matches. International A.C. For Visa, Mastercard, or Discover transactions, no values match. International N.D. For Visa, Mastercard, or Discover transactions, the address and postal code match. International X.E. For Visa, Mastercard, or Discover transactions, not allowed for Internet or phone transactions. For American Express card holder, the name is incorrect but the address and postal code match.F. For Visa, Mastercard, or Discover transactions, the address and postal code match. UK-specific X. For American Express card holder, the name is incorrect but the address matches.G. For Visa, Mastercard, or Discover transactions, global is unavailable. Nothing matches.I. For Visa, Mastercard, or Discover transactions, international is unavailable. Not applicable.M. For Visa, Mastercard, or Discover transactions, the address and postal code match. For American Express card holder, the name, address, and postal code match.N. For Visa, Mastercard, or Discover transactions, nothing matches. For American Express card holder, the address and postal code are both incorrect.P. For Visa, Mastercard, or Discover transactions, postal international Z. Postal code only.R. For Visa, Mastercard, or Discover transactions, re-try the request. For American Express, the system is unavailable.S. For Visa, Mastercard, Discover, or American Express, the service is not supported.U. For Visa, Mastercard, or Discover transactions, the service is unavailable. For American Express, information is not available. For Maestro, the address is not checked or the acquirer had no response. The service is not available.W. For Visa, Mastercard, or Discover transactions, whole ZIP code. For American Express, the card holder name, address, and postal code are all incorrect.X. For Visa, Mastercard, or Discover transactions, exact match of the address and the nine-digit ZIP code. For American Express, the card holder name, address, and postal code are all incorrect.Y. For Visa, Mastercard, or Discover transactions, the address and five-digit ZIP code match. For American Express, the card holder address and postal code are both correct.Z. For Visa, Mastercard, or Discover transactions, the five-digit ZIP code matches but no address. For American Express, only the card holder postal code is correct.Null. For Maestro, no AVS response was obtained.0. For Maestro, all address information matches.1. For Maestro, none of the address information matches.2. For Maestro, part of the address information matches.3. For Maestro, the merchant did not provide AVS information. It was not processed.4. For Maestro, the address was not checked or the acquirer had no response. The service is not available.
cvv_codeenum
The possible values are:
E. For Visa, Mastercard, Discover, or American Express, error - unrecognized or unknown response.I. For Visa, Mastercard, Discover, or American Express, invalid or null.M. For Visa, Mastercard, Discover, or American Express, the CVV2/CSC matches.N. For Visa, Mastercard, Discover, or American Express, the CVV2/CSC does not match.P. For Visa, Mastercard, Discover, or American Express, it was not processed.S. For Visa, Mastercard, Discover, or American Express, the service is not supported.U. For Visa, Mastercard, Discover, or American Express, unknown - the issuer is not certified.X. For Visa, Mastercard, Discover, or American Express, no response. For Maestro, the service is not available.All others. For Visa, Mastercard, Discover, or American Express, error.0. For Maestro, the CVV2 matched.1. For Maestro, the CVV2 did not match.2. For Maestro, the merchant has not implemented CVV2 code handling.3. For Maestro, the merchant has indicated that CVV2 is not present on card.4. For Maestro, the service is not available.
card
numberstring
required
attributesauthentication_resultsarray (contains the 3ds_result object)
billing_addresscard_typeenum
The possible values are:
VISA. Visa card.MASTERCARD. Mastecard card.DISCOVER. Discover card.AMEX. American Express card.SOLO. Solo debit card.JCB. Japan Credit Bureau card.STAR. Military Star card.DELTA. Delta Airlines card.SWITCH. Switch credit card.MAESTRO. Maestro credit card.CB_NATIONALE. Carte Bancaire (CB) credit card.CONFIGOGA. Configoga credit card.CONFIDIS. Confidis credit card.ELECTRON. Visa Electron credit card.CETELEM. Cetelem credit card.CHINA_UNION_PAY. China union pay credit card.
idstring
last_digitsstring
namestring
security_codestring
card.address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
card.address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
card_brand
card_brandenum
The possible values are:
VISA. Visa card.MASTERCARD. Mastecard card.DISCOVER. Discover card.AMEX. American Express card.SOLO. Solo debit card.JCB. Japan Credit Bureau card.STAR. Military Star card.DELTA. Delta Airlines card.SWITCH. Switch credit card.MAESTRO. Maestro credit card.CB_NATIONALE. Carte Bancaire (CB) credit card.CONFIGOGA. Configoga credit card.CONFIDIS. Confidis credit card.ELECTRON. Visa Electron credit card.CETELEM. Cetelem credit card.CHINA_UNION_PAY. China union pay credit card.
card_response
binstring
brandenum
The possible values are:
VISA. Visa card.MASTERCARD. Mastecard card.DISCOVER. Discover card.AMEX. American Express card.SOLO. Solo debit card.JCB. Japan Credit Bureau card.STAR. Military Star card.DELTA. Delta Airlines card.SWITCH. Switch credit card.MAESTRO. Maestro credit card.CB_NATIONALE. Carte Bancaire (CB) credit card.CONFIGOGA. Configoga credit card.CONFIDIS. Confidis credit card.ELECTRON. Visa Electron credit card.CETELEM. Cetelem credit card.CHINA_UNION_PAY. China union pay credit card.
idstring
issuerenum
The possible values are:
PAYPAL. A PayPal credit card.
last_digitsstring
last_n_charsstring
typeenum
The possible values are:
CREDIT. A credit card.DEBIT. A debit card.PREPAID. A Prepaid card.UNKNOWN. Card type cannot be determined.
card_response
brandenum
The possible values are:
VISA. Visa card.MASTERCARD. Mastecard card.DISCOVER. Discover card.AMEX. American Express card.SOLO. Solo debit card.JCB. Japan Credit Bureau card.STAR. Military Star card.DELTA. Delta Airlines card.SWITCH. Switch credit card.MAESTRO. Maestro credit card.CB_NATIONALE. Carte Bancaire (CB) credit card.CONFIGOGA. Configoga credit card.CONFIDIS. Confidis credit card.ELECTRON. Visa Electron credit card.CETELEM. Cetelem credit card.CHINA_UNION_PAY. China union pay credit card.
last_digits
card_response
brandenum
The possible values are:
VISA. Visa card.MASTERCARD. Mastecard card.DISCOVER. Discover card.AMEX. American Express card.SOLO. Solo debit card.JCB. Japan Credit Bureau card.STAR. Military Star card.DELTA. Delta Airlines card.SWITCH. Switch credit card.MAESTRO. Maestro credit card.CB_NATIONALE. Carte Bancaire (CB) credit card.CONFIGOGA. Configoga credit card.CONFIDIS. Confidis credit card.ELECTRON. Visa Electron credit card.CETELEM. Cetelem credit card.CHINA_UNION_PAY. China union pay credit card.
last_digits
card_response
brandenum
The possible values are:
VISA. Visa card.MASTERCARD. Mastecard card.DISCOVER. Discover card.AMEX. American Express card.SOLO. Solo debit card.JCB. Japan Credit Bureau card.STAR. Military Star card.DELTA. Delta Airlines card.SWITCH. Switch credit card.MAESTRO. Maestro credit card.CB_NATIONALE. Carte Bancaire (CB) credit card.CONFIGOGA. Configoga credit card.CONFIDIS. Confidis credit card.ELECTRON. Visa Electron credit card.CETELEM. Cetelem credit card.CHINA_UNION_PAY. China union pay credit card.
last_digits
card_verification
methodenum
The possible values are:
3D_SECURE. The contingency surfaced as an additional security layer that helps prevent unauthorized card-not-present transactions and protects the merchant from exposure to fraud.AVS_CVV. Places a temporary hold on the card to ensure its validity. This process protects the merchant from exposure to fraud. This verification method will confirm that the address information or CVV included matches what the issuing bank has on file for the associated card, ensuring that only authorized card users are able to make purchases from you.
card_verification_details
authorization
card_verification_details
authorization
card_verification_method
card_verification_methodenum
The possible values are:
SCA_WHEN_REQUIRED. This is the default. When an authorization or transaction is attempted this option will return a contingency and HATEOAS link only when local regulations require strong customer authentication, (e.g. 3DS in countries and use cases where it is mandated). The API caller should redirect the payer to the link so that they can authenticate themselves. In all cases, when an authorization is requested the AVS/CVV results will be returned in the response.
card_verification_status
card_verification_statusenum
The possible values are:
VERIFIED. Card has been verifiedNOT_VERIFIED. Card has not been verified
cavv_algorithm
cavv_algorithmenum
The possible values are:
CVV_WITH_ATN. Refers to the Visa CAVV generation specification that includes a unique identifier built into the value.MASTERCARD_SPA_ALGORITHM. Refers to Secure Payment Algorithm used to generate Mastercard's Accountholder Authentication Value (AAV).
country_code
country_codestring
currency_code
currency_codestring
customer
id
date_no_time
date_no_timestring
date_time
date_timestring
date_year_month
date_year_monthstring
eci_flag
eci_flagenum
The possible values are:
MASTERCARD_NON_3D_SECURE_TRANSACTION. Mastercard non-3-D Secure transaction.MASTERCARD_ATTEMPTED_AUTHENTICATION_TRANSACTION. Mastercard attempted authentication transaction.MASTERCARD_FULLY_AUTHENTICATED_TRANSACTION. Mastercard fully authenticated transaction.FULLY_AUTHENTICATED_TRANSACTION. VISA, AMEX, JCB, DINERS CLUB fully authenticated transaction.ATTEMPTED_AUTHENTICATION_TRANSACTION. VISA, AMEX, JCB, DINERS CLUB attempted authentication transaction.NON_3D_SECURE_TRANSACTION. VISA, AMEX, JCB, DINERS CLUB non-3-D Secure transaction.
emailstring
enrolled
enrolledenum
The possible values are:
Y. Yes. The bank is participating in 3-D Secure protocol and will return the ACSUrl.N. No. The bank is not participating in 3-D Secure protocol.U. Unavailable. The DS or ACS is not available for authentication at the time of the request.B. Bypass. The merchant authentication rule is triggered to bypass authentication.
error
debug_idstring
required
messagestring
required
namestring
required
detailsarray (contains the error_details object)
information_linkstring
linksarray (contains the link_description object)
error_details
issuestring
required
descriptionstring
fieldstring
locationstring
valuestring
id
idstring
language
languagestring
link_description
hrefstring
required
relstring
required
methodenum
merchant_partner_customer_id
merchant_partner_customer_idstring
min_payment_token
customer_ididlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
min_paypal_wallet_response
descriptionstring
payer
min_vault_resource
idlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
money
valuestring
required
name
alternate_full_namestring
full_namestring
given_namestring
middle_namestring
prefixstring
suffixstring
surnamestring
name_validation
name_validation
pares_status
pares_statusenum
The possible values are:
Y. Successful authentication.N. Failed authentication / account not verified / transaction denied.U. Unable to complete authentication.A. Successful attempts transaction.C. Challenge required for authentication.R. Authentication rejected (merchant must not submit for authorization).D. Challenge required; decoupled authentication confirmed.I. Informational anly; 3DS requestor challenge preference acknowledged.
payee_payment_method_preference
payee_payment_method_preferenceenum
The possible values are:
UNRESTRICTED. Accepts any type of payment from the customer.IMMEDIATE_PAYMENT_REQUIRED. Accepts only immediate payment from the customer. For example, credit card, PayPal balance, or instant ACH. Ensures that at the time of capture, the payment does not have the `pending` status.
payer.address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
payer.name
given_namestring
surnamestring
payer.name
given_namestring
surnamestring
payment_method
payee_preferredenum
The possible values are:
UNRESTRICTED. Accepts any type of payment from the customer.IMMEDIATE_PAYMENT_REQUIRED. Accepts only immediate payment from the customer. For example, credit card, PayPal balance, or instant ACH. Ensures that at the time of capture, the payment does not have the `pending` status.
payer_selectedenum
The possible values are:
PAYPAL_CREDIT. PayPal Credit.PAYPAL. PayPal.
standard_entry_class_codeenum
The possible values are:
TEL. The API caller (merchant/partner) accepts authorization and payment information from a consumer over the telephone.WEB. The API caller (merchant/partner) accepts Debit transactions from a consumer on their website.CCD. Cash concentration and disbursement for corporate debit transaction. Used to disburse or consolidate funds. Entries are usually Optional high-dollar, low-volume, and time-critical. (e.g. intra-company transfers or invoice payments to suppliers).PPD. Prearranged payment and deposit entries. Used for debit payments authorized by a consumer account holder, and usually initiated by a company. These are usually recurring debits (such as insurance premiums).
payment_token_resource
customer_ididlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
payment_token_resource
customer_ididlinksarray (contains the link_description object)
sourcestatusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
payment_token_status
payment_token_statusenum
The possible values are:
CUSTOMER_ACTION_REQUIRED. Before the payment method can be saved, the customer has to complete an action specific to the payment method.CREATED. The payment token has been vaulted.
paypal_wallet
customer_typeenum
The possible values are:
CONSUMER. The customer vaulting the PayPal payment token is a consumer on the merchant / platform.BUSINESS. The customer vaulting the PayPal payment token is a business on merchant / platform.
descriptionstring
payment_method_preferenceenum
The possible values are:
UNRESTRICTED. Accepts any type of payment from the customer.IMMEDIATE_PAYMENT_REQUIRED. Accepts only immediate payment from the customer. For example, credit card, PayPal balance, or instant ACH. Ensures that at the time of capture, the payment does not have the `pending` status.
product_labelstring
shippingusage_typeenum
The possible values are:
MERCHANT. The PayPal Payment Token will be used for future transaction directly with a merchant.PLATFORM. The PayPal Payment Token will be used for future transaction on a platform. A platform is typically a marketplace or a channel that a payer can purchase goods and services from multiple merchants.
phone
country_codestring
required
national_numberstring
required
extension_numberstring
phone_type
phone_typeenum
phone_with_type
phone_typeenum
phone_with_type.phone
national_numberstring
required
processor_response
avs_codeenum
The possible values are:
A. For Visa, Mastercard, or Discover transactions, the address matches but the zip code does not match. For American Express transactions, the card holder address is correct.B. For Visa, Mastercard, or Discover transactions, the address matches. International A.C. For Visa, Mastercard, or Discover transactions, no values match. International N.D. For Visa, Mastercard, or Discover transactions, the address and postal code match. International X.E. For Visa, Mastercard, or Discover transactions, not allowed for Internet or phone transactions. For American Express card holder, the name is incorrect but the address and postal code match.F. For Visa, Mastercard, or Discover transactions, the address and postal code match. UK-specific X. For American Express card holder, the name is incorrect but the address matches.G. For Visa, Mastercard, or Discover transactions, global is unavailable. Nothing matches.I. For Visa, Mastercard, or Discover transactions, international is unavailable. Not applicable.M. For Visa, Mastercard, or Discover transactions, the address and postal code match. For American Express card holder, the name, address, and postal code match.N. For Visa, Mastercard, or Discover transactions, nothing matches. For American Express card holder, the address and postal code are both incorrect.P. For Visa, Mastercard, or Discover transactions, postal international Z. Postal code only.R. For Visa, Mastercard, or Discover transactions, re-try the request. For American Express, the system is unavailable.S. For Visa, Mastercard, Discover, or American Express, the service is not supported.U. For Visa, Mastercard, or Discover transactions, the service is unavailable. For American Express, information is not available. For Maestro, the address is not checked or the acquirer had no response. The service is not available.W. For Visa, Mastercard, or Discover transactions, whole ZIP code. For American Express, the card holder name, address, and postal code are all incorrect.X. For Visa, Mastercard, or Discover transactions, exact match of the address and the nine-digit ZIP code. For American Express, the card holder name, address, and postal code are all incorrect.Y. For Visa, Mastercard, or Discover transactions, the address and five-digit ZIP code match. For American Express, the card holder address and postal code are both correct.Z. For Visa, Mastercard, or Discover transactions, the five-digit ZIP code matches but no address. For American Express, only the card holder postal code is correct.Null. For Maestro, no AVS response was obtained.0. For Maestro, all address information matches.1. For Maestro, none of the address information matches.2. For Maestro, part of the address information matches.3. For Maestro, the merchant did not provide AVS information. It was not processed.4. For Maestro, the address was not checked or the acquirer had no response. The service is not available.
cvv_codeenum
The possible values are:
E. For Visa, Mastercard, Discover, or American Express, error - unrecognized or unknown response.I. For Visa, Mastercard, Discover, or American Express, invalid or null.M. For Visa, Mastercard, Discover, or American Express, the CVV2/CSC matches.N. For Visa, Mastercard, Discover, or American Express, the CVV2/CSC does not match.P. For Visa, Mastercard, Discover, or American Express, it was not processed.S. For Visa, Mastercard, Discover, or American Express, the service is not supported.U. For Visa, Mastercard, Discover, or American Express, unknown - the issuer is not certified.X. For Visa, Mastercard, Discover, or American Express, no response. For Maestro, the service is not available.All others. For Visa, Mastercard, Discover, or American Express, error.0. For Maestro, the CVV2 matched.1. For Maestro, the CVV2 did not match.2. For Maestro, the merchant has not implemented CVV2 code handling.3. For Maestro, the merchant has indicated that CVV2 is not present on card.4. For Maestro, the service is not available.
payment_advice_codeenum
The possible values are:
01. For Mastercard, expired card account upgrade or portfolio sale conversion. Obtain new account information before next billing cycle.02. For Mastercard, over credit limit or insufficient funds. Retry the transaction 72 hours later. For Visa, the card holder wants to stop only one specific payment in the recurring payment relationship. The merchant must NOT resubmit the same transaction. The merchant can continue the billing process in the subsequent billing period.03. For Mastercard, account closed as fraudulent. Obtain another type of payment from customer due to account being closed or fraud. Possible reason: Account closed as fraudulent. For Visa, the card holder wants to stop all recurring payment transactions for a specific merchant. Stop recurring payment requests.21. For Mastercard, the card holder has been unsuccessful at canceling recurring payment through merchant. Stop recurring payment requests. For Visa, all recurring payments were canceled for the card number requested. Stop recurring payment requests.
response_codeenum
The possible values are:
0000. APPROVED.0100. REFERRAL.0800. BAD_RESPONSE_REVERSAL_REQUIRED.1000. PARTIAL_AUTHORIZATION.1300. INVALID_DATA_FORMAT.1310. INVALID_AMOUNT.1312. INVALID_TRANSACTION_CARD_ISSUER_ACQUIRER.1317. INVALID_CAPTURE_DATE.1320. INVALID_CURRENCY_CODE.1330. INVALID_ACCOUNT.1335. INVALID_ACCOUNT_RECURRING.1340. INVALID_TERMINAL.1350. INVALID_MERCHANT.1360. BAD_PROCESSING_CODE.1370. INVALID_MCC.1380. INVALID_EXPIRATION.1382. INVALID_CARD_VERIFICATION_VALUE.1384. INVALID_LIFE_CYCLE_OF_TRANSACTION.1390. INVALID_ORDER.1393. TRANSACTION_CANNOT_BE_COMPLETED.0500. DO_NOT_HONOR.5100. GENERIC_DECLINE.5110. CVV2_FAILURE.5120. INSUFFICIENT_FUNDS.5130. INVALID_PIN.5140. CARD_CLOSED.5150. PICKUP_CARD_SPECIAL_CONDITIONS. Try using another card. Do not retry the same card.5160. UNAUTHORIZED_USER.5170. AVS_FAILURE.5180. INVALID_OR_RESTRICTED_CARD. Try using another card. Do not retry the same card.5190. SOFT_AVS.5200. DUPLICATE_TRANSACTION.5210. INVALID_TRANSACTION.5400. EXPIRED_CARD.5500. INCORRECT_PIN_REENTER.5800. REVERSAL_REJECTED.5900. INVALID_ISSUE.5910. ISSUER_NOT_AVAILABLE_NOT_RETRIABLE.5920. ISSUER_NOT_AVAILABLE_RETRIABLE.6300. ACCOUNT_NOT_ON_FILE.7600. APPROVED_NON_CAPTURE.7700. ERROR_3DS.7710. AUTHENTICATION_FAILED.7800. BIN_ERROR.7900. PIN_ERROR.8000. PROCESSOR_SYSTEM_ERROR.8010. HOST_KEY_ERROR.8020. CONFIGURATION_ERROR.8030. UNSUPPORTED_OPERATION.8100. FATAL_COMMUNICATION_ERROR.8110. RETRIABLE_COMMUNICATION_ERROR.8220. SYSTEM_UNAVAILABLE.9100. DECLINED_PLEASE_RETRY. Retry.9500. SUSPECTED_FRAUD. Try using another card. Do not retry the same card.9510. SECURITY_VIOLATION.9520. LOST_OR_STOLEN. Try using another card. Do not retry the same card.9530. HOLD_CALL_CENTER. The merchant must call the number on the back of the card. POS scenario.9540. REFUSED_CARD.9600. UNRECOGNIZED_RESPONSE_CODE.5930. CARD_NOT_ACTIVATED.PPMD. PPMD.PPCE. CE_REGISTRATION_INCOMPLETE.PPNT. NETWORK_ERROR.PPCT. CARD_TYPE_UNSUPPORTED.PPTT. TRANSACTION_TYPE_UNSUPPORTED.PPCU. CURRENCY_USED_INVALID.PPQC. QUASI_CASH_UNSUPPORTED.PPVE. VALIDATION_ERROR.PPVT. VIRTUAL_TERMINAL_UNSUPPORTED.PPDC. DCC_UNSUPPORTED.PPER. INTERNAL_SYSTEM_ERROR.PPIM. ID_MISMATCH.PPH1. H1_ERROR.PPSD. STATUS_DESCRIPTION.PPAG. ADULT_GAMING_UNSUPPORTED.PPLS. LARGE_STATUS_CODE.PPCO. COUNTRY.PPAD. BILLING_ADDRESS.PPAU. MCC_CODE.PPUC. CURRENCY_CODE_UNSUPPORTED.PPUR. UNSUPPORTED_REVERSAL.PPVC. VALIDATE_CURRENCY.PPS0. BANKAUTH_ROW_MISMATCH.PPS1. BANKAUTH_ROW_SETTLED.PPS2. BANKAUTH_ROW_VOIDED.PPS3. BANKAUTH_EXPIRED.PPS4. CURRENCY_MISMATCH.PPS5. CREDITCARD_MISMATCH.PPS6. AMOUNT_MISMATCH.PPRF. INVALID_PARENT_TRANSACTION_STATUS.PPEX. EXPIRY_DATE.PPAX. AMOUNT_EXCEEDED.PPDV. AUTH_MESSAGE.PPDI. DINERS_REJECT.PPAR. AUTH_RESULT.PPBG. BAD_GAMING.PPGR. GAMING_REFUND_ERROR.PPCR. CREDIT_ERROR.PPAI. AMOUNT_INCOMPATIBLE.PPIF. IDEMPOTENCY_FAILURE.PPMC. BLOCKED_Mastercard.PPAE. AMEX_DISABLED.PPFV. FIELD_VALIDATION_FAILED.PPII. INVALID_INPUT_FAILURE.PPPM. INVALID_PAYMENT_METHOD.PPUA. USER_NOT_AUTHORIZED.PPFI. INVALID_FUNDING_INSTRUMENT.PPEF. EXPIRED_FUNDING_INSTRUMENT.PPFR. RESTRICTED_FUNDING_INSTRUMENT.PPEL. EXCEEDS_FREQUENCY_LIMIT.PCVV. CVV_FAILURE.PPTV. INVALID_VERIFICATION_TOKEN.PPTE. VERIFICATION_TOKEN_EXPIRED.PPPI. INVALID_PRODUCT.PPIT. INVALID_TRACE_ID.PPTF. INVALID_TRACE_REFERENCE.PPFE. FUNDING_SOURCE_ALREADY_EXISTS.PPTR. VERIFICATION_TOKEN_REVOKED.PPTI. INVALID_TRANSACTION_ID.PPD3. SECURE_ERROR_3DS.PPPH. NO_PHONE_FOR_DCC_TRANSACTION.PPAV. ARC_AVS.PPC2. ARC_CVV.PPLR. LATE_REVERSAL.PPNC. NOT_SUPPORTED_NRC.PPRR. MERCHANT_NOT_REGISTERED.PPSC. ARC_SCORE.PPSE. AMEX_DENIED.PPUE. UNSUPPORT_ENTITY.PPUI. UNSUPPORT_INSTALLMENT.PPUP. UNSUPPORT_POS_FLAG.PPRE. UNSUPPORT_REFUND_ON_PENDING_BC.
shipping_detail
addressnameoptionsarray (contains the shipping_option object)
shipping_detail.address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
shipping_detail.address_portable
address_line_1string
address_line_2string
admin_area_1string
admin_area_2string
postal_codestring
shipping_detail.name
full_namestring
shipping_detail.name
full_namestring
shipping_option
idstring
required
labelstring
required
selectedboolean
required
amounttypeenum
The possible values are:
SHIPPING. The payer intends to receive the items at a specified address.PICKUP. The payer intends to pick up the items at a specified address. For example, a store address.
shipping_type
shipping_typeenum
The possible values are:
SHIPPING. The payer intends to receive the items at a specified address.PICKUP. The payer intends to pick up the items at a specified address. For example, a store address.
signature_verification_status
signature_verification_statusenum
The possible values are:
YES. Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted.NO. Indicates that the PARes could not be validated.
source_request
paypal
tax_info
tax_idstring
required
tax_id_typeenum
required
The possible values are:
BR_CPF. The individual tax ID type.BR_CNPJ. The business tax ID type.
ucaf_indicator
ucaf_indicatorenum
The possible values are:
NON_SECURECODE_TRANSACTION. Non-SecureCode transaction, bypassed by the merchant.MERCHANT_ONLY_SECURECODE_TRANSACTION. Merchant-Only SecureCode transaction.FULLY_AUTHENTICATED_SECURECODE. Fully authenticated SecureCode.
vault
customer_idlinksarray (contains the link_description object)
payment_tokensarray (contains the min_vault_resource object)
total_itemsstring
total_pagesstring