PayPal-hosted JavaScript library for working with REST API?

Question

We’ve been using several styles of PayPal integration over the years and were very excited to see the introduction of the new REST API. We have been trying to minimize our PCI-DSS compliance obligations, and our thought was that a REST API would allow us to communicate credit card information directly to PayPal (without having to involve our servers) and while keeping users on our site, thus resulting in a more seamless user experience. However, the stumbling-block with this is same-origin policies as they apply to cross-domain AJAX calls. We’ve noticed that other payment processors typically offer a JavaScript library that can be included directly from their site onto our page, which allows JavaScript to interact seamlessly with their payment processing network (circumventing same-origin restrictions). We were wondering if PayPal has, or might offer, a similar feature to allow the same style of integration with the new REST API? Is there another way? Note that the API integration requires HTTP POST calls, so JSONP doesn't appear to be an alternative.

Tried (twice) addressing this to the PayPal developer evangelist email address, but have received no reply.

Thanks in advance.

Answer 1

You can try Braintree Payments they provide a wonderful AJAX Solution that handles PCI problems, The Payment Gateway takes care of encrypting the creditcard info and keeping us matching to PCI standards.

Answer 2

CORS support for new Restful APis is underworks - hopefully we will have it soon. No specific date yet - but I will keep you updated. That will let you save the credit cards using vault API from the client side and use the saved card to process payments.

Answer 3

This feature is not available at this time. Have you checked https://developer.paypal.com/webapps/developer/docs/classic/payflow/gs_ppa_hosted_pages/? Payments Advanced allows you to embed an order form via iframe on your site and accept credit cards without having to be PCI compliant.