Start Free Trial   Support

PayPal Advanced Settings

Advanced Settings

Establishing a Connection

The provider surfaces tables from two PayPal APIs. The APIs use different authentication methods.

  • The REST API uses the OAuth standard. To authenticate to the REST API, you will need to set the OAuthClientId, and OAuthClientSecret properties. S
  • The SOAP API requires Signature API credentials. To authenticate to the SOAP API, you will need to set the Username, Password, and Signature properties. You generate these API credentials when you enable the SOAP API. 

 To choose the API you want to work with,set the Schema property to REST or SOAP. By default, the SOAP schema will be used.

For testing purposes, set UseSandbox to true and use Sandbox credentials.

Connecting to the SOAP API

Using API Credentials for SOAP API Calls

 You can use the SOAP API to retrieve all transactions for the current account. The SOAP API uses the Signature API-credentials type, which has three credential values:

  • API Username
  • API Password
  • API Signature

 To generate the API credentials:

  1. Log in to your PayPal business account and select Profile > My Selling Tools.
  2. In the Selling Online section, click Update for the API Access item.
  3. To generate the API signature, click Request API Credentials on the API Access page.
  4. Select Request API Signature and click Agree and Submit to generate the API signature.

 After setting the following connection properties, you are ready to connect:

  • User: Set this to the API Username.
  • Password: Set this to the API Password.
  • Signature: Set this to the Signature.
  • UseSandbox: Set this to true if you are using sandbox credentials.

Connecting to the REST API

Create an App

 To register an app and obtain the OAuth client credentials, the Client Id, and Client Secret:

  1. Log in to your PayPal developer account and My Apps & Credentials (under Dashboard).
  2. Scroll to the REST API apps section and click Create App.
  3. Enter the App Name.
  4. From the drop down list, select the sandbox account that will be used to get data from.

 PayPal generates a set of sandbox and live OAuth keys for the application. The sandbox credentials are shown after creating the app. For the live credentials, select the Live option.

The sandbox credentials will be used to get data only for the sandbox account selected when creating the App, while the Live credentials will be used to get data only for the developer account used to create this app.

Authenticate to PayPal

 After setting the following connection properties, you are ready to connect:

  • InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
  • OAuthClientId: Set this to the Client Id in your app settings.
  • OAuthClientSecret: Set this to the Client Secret in your app settings.
  • UseSandbox: Set this to true if you are using sandbox credentials.

 When you connect, the provider completes the OAuth process.

  1. Exchanges the OAuthClientId and OAuthClientSecret for the OAuthAccessToken.
  2. Refreshes the access token when it expires.
  3. Saves OAuth values in OAuthSettingsLocation to be persisted across connections.

Customizing the SSL Configuration

 By default, the provider attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store. To specify another certificate, see the SSLServerCert property for the available formats to do so.

Connecting Through a Firewall or Proxy

HTTP Proxies

To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.

In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.

Other Proxies

 Set the following properties:

  • To use a proxy-based firewall, set FirewallType, FirewallServer, and FirewallPort.
  • To tunnel the connection, set FirewallType to TUNNEL.
  • To authenticate, specify FirewallUser and FirewallPassword.
  • To authenticate to a SOCKS proxy, additionally set FirewallType to SOCKS5.

Troubleshooting the Connection

 To show provider activity from query execution to network traffic, use Logfile and Verbosity. The examples of common connection errors below show how to use these properties to get more context. Contact the support team for help tracing the source of an error or circumventing a performance issue.

  • Authentication errors: Typically, recording a Logfile at Verbosity 4 is necessary to get full details on an authentication error.
  • Queries time out: A server that takes too long to respond will exceed the provider's client-side timeout. Often, setting the Timeout property to a higher value will avoid a connection error. Another option is to disable the timeout by setting the property to 0. Setting Verbosity to 2 will show where the time is being spent.
  • The certificate presented by the server cannot be validated: This error indicates that the provider cannot validate the server's certificate through the chain of trust. If you are using a self-signed certificate, there is only one certificate in the chain.

    To resolve this error, you must verify yourself that the certificate can be trusted and specify to the provider that you trust the certificate. One way you can specify that you trust a certificate is to add the certificate to the trusted system store; another is to set SSLServerCert.