Security header is not valid - 1002

Question

I'm trying to use the nvp API for the ExpressCheckout,

I've set this in my php page:

$userPaypal = "****";
$passPaypal = "****";
$signaturePaypal = "*****";

$params = array(
    'METHOD' => 'SetExpressCheckout',
    'VERSION' => '202.0',
    'USER' => $userPaypal,
    'SIGNATURE' => $signaturePaypal,
    'PWD' => $passPaypal,
    'RETURNURL' => 'process.php',
    'CANCELURL' => 'cancel.php',

    'PAYMENTREQUEST_0_AMT' => '10',
    'PAYMENTREQUEST_0_CURRENCYCODE' => 'EUR');

$params = http_build_query($params);

$endpoint = 'https://api-3t.sandbox.paypal.com/nvp';
$curl = curl_init();
curl_setopt_array($curl, array(
    CURLOPT_URL => $endpoint,
    CURLOPT_POST => 1,
    CURLOPT_POSTFIELDS => $params,
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_SSL_VERIFYPEER => false,
    CURLOPT_SSL_VERIFYHOST => false,
    CURLOPT_VERBOSE => 1
    ));

$response = curl_exec($curl);
$responseArray = array();
parse_str($response, $responseArray);
var_dump($responseArray);
curl_close($curl);

And here's what the var_dump gives me:

array (size=9)

'TIMESTAMP' => string '2015-12-17T17:05:44Z' (length=20)

'CORRELATIONID' => string '287a4dff68c2f' (length=13)

'ACK' => string 'Failure' (length=7)

'VERSION' => string '202.0' (length=5)

'BUILD' => string '18308778' (length=8)

'L_ERRORCODE0' => string '10002' (length=5)

'L_SHORTMESSAGE0' => string 'Security error' (length=14)

'L_LONGMESSAGE0' => string 'Security header is not valid' (length=28)

'L_SEVERITYCODE0' => string 'Error' (length=5)

Does anyone have any idea how to solve "Security header is not valid" issue ?

Thanks, Robin.

Answer 1

This error means that API credentials incorrect. Please double check your API credentials and make sure you're not using paypal live API credentials for sandbox API.