2

I'm working on Odoo version 12.0, developing the process of Refund Sale Transaction using their API. I've taken reference from the following link: https://developer.paypal.com/docs/api/payments/v1/#sale_refund

But there is some authorization issue with their API of the refund transaction.

I've example request/response parameters like the following:

import requests

headers = {'Content-Type': 'application/json','Authorization': 'Bearer Access-Token'}

data = '{\n  "amount": {\n    "total": "2.34",\n    "currency": "USD"\n  },\n  "invoice_number": "INV-1234567"\n}'

response = requests.post('https://api.sandbox.paypal.com/v1/payments/sale/2MU78835H4515710F/refund', headers=headers, data=data)

It gives me the following response:

{'message': 'Authentication failed due to invalid authentication credentials or a missing Authorization header.', 'links': [{'rel': 'information_link', 'href': 'https://developer.paypal.com/docs/api/overview/#error'}], 'name': 'AUTHENTICATION_FAILURE'}

Can anyone help me to resolve this issue?

And how to generate bearer token using PayPal Payment API?

Preston PHX
  • 27,642
  • 4
  • 24
  • 44
Avani Somaiya
  • 348
  • 2
  • 7
  • Has anyone know how to test the Paypal Refund transaction as a pending state? As it directly goes to the completed state. – Avani Somaiya May 06 '20 at 06:41

1 Answers1

2

The Authorization header needs to contain an actual Access Token after the word 'Bearer '. Sending the string 'Access Token' will not work.

Here is how to obtain an actual access token: https://developer.paypal.com/docs/api/overview/#get-an-access-token

Preston PHX
  • 27,642
  • 4
  • 24
  • 44
  • Thank you very much. I got an answer. – Avani Somaiya Apr 06 '20 at 13:17
  • When I send the request with sandbox account refund transaction API, it gives me error of Permission Denied. Can you please tell me why? – Avani Somaiya Apr 06 '20 at 13:29
  • {'information_link': 'https://developer.paypal.com/docs/api/payments/#errors', 'debug_id': '9db52e4ca61f4', 'message': 'Permission denied.', 'name': 'PERMISSION_DENIED'} – Avani Somaiya Apr 06 '20 at 13:29
  • Check the permissions of the REST App of the Client ID you are using, in https://www.paypal.com/signin?intent=developer&returnUri=https%3A%2F%2Fdeveloper.paypal.com%2Fdeveloper%2Fapplications . Make sure you are checking the correct mode, live or sandbox. Also make sure your access token request returns the necessary scope. – Preston PHX Apr 06 '20 at 14:52
  • Currently, I'm using Client ID & Secret of https://developer.paypal.com/developer/applications But it gives me Permission denied. – Avani Somaiya Apr 07 '20 at 13:36
  • Can you tell me which Client ID & Secret need to use for sandbox account as well as live account ? – Avani Somaiya Apr 07 '20 at 13:37
  • You need to configure them with the appropriate permissions. There are many checkboxes. – Preston PHX Apr 07 '20 at 16:16
  • Are you know how to test the "Paypal Refund transaction" as a "pending" state? As it directly goes to the completed state. – Avani Somaiya May 06 '20 at 06:41
  • Send yourself a payment with intent=authorization and don't capture it, or send yourself a payment in a funny currency like AUD and don't accept it – Preston PHX May 06 '20 at 08:15
  • Can't understand well, can you explain more? Just an FYI: I want to test the "Paypal Refund transaction" with the pending state, not normal transaction. – Avani Somaiya May 06 '20 at 10:33
  • I'm not sure why you need to test refunding a transaction in a pending state. That is an odd thing to be testing. But either of those scenarios I described will result in a transaction that is in a pending state. – Preston PHX May 06 '20 at 16:20
  • Thanks for answering me. Can you please tell me how to check Paypal Client ID and Secret Key is correct or not? – Avani Somaiya May 20 '20 at 14:02
  • Because when their credentials are wrong at that time it can't generate a token for the refund process. – Avani Somaiya May 20 '20 at 14:08
  • That is another very strange question to be asking. The way to check if a Client ID and Secret are valid is to attempt to generate an Oauth token. If it fails, they are invalid. – Preston PHX May 20 '20 at 16:22
  • No, but I want to check before the Oauth token generates process. – Avani Somaiya May 21 '20 at 05:28
  • Then try to generate one earlier, before you actually need one. The way to check is to generate one, this is not complicated. – Preston PHX May 21 '20 at 05:40