Reputation: 631
Paypal: Client Authentication Failed
Trying to take my paypal REST api site live. It works well in sandbox mode, with verified transfers.
When I switch my sandbox for live client ID and secret, I get the error
{"error":"invalid_client","error_description":"Client Authentication failed"}
I checked and made sure that my code should go live
$apiContext = new \PayPal\Rest\ApiContext(
new \PayPal\Auth\OAuthTokenCredential(
PP_CLIENT_ID , // ClientID
PP_CLIENT_SECRET // ClientSecret
)
);
// setting mode to live
// https://github.com/paypal/PayPal-PHP-SDK/wiki/Going-Live
$apiContext->setConfig([
'mode' => 'live',
]);
running this via wp_ajax
Any help would be appreciated! Thanks!
2/5/2019: Seems other people got this problem: https://github.com/paypal/PayPal-PHP-SDK/issues/435
Also the same question on StackOverflow that I missed ... that also had no answer. PayPal App works perfectly as Sandbox, Client Authentication failed on Live: list of steps to check?
Upvotes: 9
Views: 29595
Answers (9)
Reputation: 11
I can verify that the client-id:client-secret do not need to be encoded with base64. Why it says that on the website is unknown, but in my case it led to to hours of second-guessing how to encode the client-id and client secret.
Once they were sent in plain text, the access token was returned.
Upvotes: 1
Reputation: 11
when changing sandbox to live environment in paypal two things will help you
Generate new app in paypal for client-id and secret-key cause default app might not work in some cases
change the Environment variable in your code from paypal.core.SandboxEnviornment to payapl.core.LiveEnviornment
and update .env file with new generated Client-id and Secret-key
`const paypal = require('@paypal/checkout-server-sdk')
const Environment = paypal.core.LiveEnvironment
const paypalClient = new paypal.core.PayPalHttpClient(new Environment
(
process.env.PAYPAL_CLIENT_ID,
process.env.PAYPAL_CLIENT_SECRET,
))`
Upvotes: 0
Reputation: 4098
I got this error today, in Oct 2023 ...
Problem in my case is that you do NOT need to base64 encode the user:password
docs says: Note: Encode CLIENT_ID:CLIENT_SECRET in Base64 before sending it in the API call.
I found this to be FALSE, it only worked when I directly entered client-id:secret WITHOUT base 64 encode.
Also, make sure your api url is correct:
- api-m.paypal.com (for live requests)
- api-m.sandbox.paypal.com (for sandbox requests)
Upvotes: 0
Reputation: 37977
This can be caused by Paypal. You aren't allowed to go Live until you submit your Business for approval. Until then, you'll get a 401 Unauthorized with response content:
{
"error":"invalid_client",
"error_description":"Client Authentication failed"
}
The approval process is obscure and it seems like they would prefer you just don't. The link is buried in the API pages and, the errors you might get calling auth are pretty exhaustive but never mention this very obvious, common error nor tell you how to resolve it, and, after you find the link and submit for approval, you get this message:
Thank you for your inquiry. PayPal Partner Sales and technical team will be evaluating your request and will reach out when your request meets minimum business requirements. Note: If you are a merchant or small business proprietor interested in PayPal solutions, you’ve reached this page in error. Instead visit PayPal for Business to learn more about the latest features and benefits of a PayPal Business Account.
"When your request meets minimum business requirements." I mean until we get approval there's no business on the site so... that sounds like heat death of the universe to me.
Link to submit for approval to have a full Business account with permission to go live:
https://www.paypal.com/us/webapps/mpp/partner-program/contact-us
Update
Paypal upgraded us to Business without reaching out. We noticed the upgrade when our payments started losing money to fees, with no way to pay fee-free "friends and family" anymore. The upgrade resolved this issue.
Upvotes: 2
Reputation: 693
So I've been struggling for an hour with this. Switching from Sandbox to Live gets this error. Client id and secret are correct. I am using the LiveEnvironment from the sdk.
Solution: Delete the production app and create it again. Suddenly, everything works.
Upvotes: 1
Reputation: 319
I know this is an old post, but in case someone else comes across this issue: Developer accounts don't have the ability to actually process cards, so attempting to hit the production endpoint (https://api-m.paypal.com/v1/) will return:
{"error":"invalid_client","error_description":"Client Authentication failed"}
Upvotes: 0
Reputation: 1070
I was having a similar issue trying to generate the REST API token, following PayPal REST API docs for sandbox API works. Live should be the same. Make sure you're grabbing the REST API credentials and not grabbing the "NVP/SOAP API apps" secret.
Go here: https://developer.paypal.com/developer/applications/
At the top select Sandbox or Live
Click Create App under REST API apps, NOT NVP/SOAP API apps.
This will give you a Client ID and Secret, both look like a string of upper and lower case alphanumeric, some 40-50 chars in length.
With these credentials, run this curl command to get your access token so you can make calls to the REST API, substitute your client id and secret:
curl -v POST https://api.sandbox.paypal.com/v1/oauth2/token \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "CLIENT_ID:SECRET" \
-d "grant_type=client_credentials"
This should return your token:
Sample response
{
"scope": "https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/payments/refund https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks",
"access_token": "A21AAFEpH4PsADK7qSS7pSRsgzfENtu-Q1ysgEDVDESseMHBYXVJYE8ovjj68elIDy8nF26AwPhfXTIeWAZHSLIsQkSYz9ifg",
"token_type": "Bearer",
"app_id": "APP-80W284485P519543T",
"expires_in": 31668,
"nonce": "2020-04-03T15:35:36ZaYZlGvEkV4yVSz8g6bAKFoGSEzuy3CQcz3ljhibkOHg"
}
You don't typically integrate these things into your application, rather these are things you do once and then you embed the REST API token into your application.
I know this is kind of repeating the obvious but I hope this helps.
See further instructions here: https://developer.paypal.com/docs/platforms/get-started/#step-1-get-api-credentials
Upvotes: 2
Reputation: 121
Try to change
return new SandboxEnvironment($clientId, $clientSecret);
to
return new ProductionEnvironment($clientId, $clientSecret);
in your PayPalClient.php class
Upvotes: 12
Reputation: 331
https://developer.paypal.com/docs/api/overview/#api-requests
when using live credentials the url should be https://api.paypal.com instead https://api.sandbox.paypal.com
reference https://github.com/paypal/PayPal-PHP-SDK/issues/435#issuecomment-462133355
Upvotes: 20
Related Questions
- PayPal PHP SDK: Authentication failed due to invalid authentication credentials or a missing Authorization header
- php paypal Server-side REST integration failure
- PayPal SDK error "Credential not found for default user"
- PayPal: MALFORMED_REQUEST with no additional activity
- Using config file with Paypal SDK throws PayPalInvalidCredentialException
- Paypal REST API invalid credentials
- PayPal REST Api error: response 401 PPConnectionException
- PayPal Client Authentication Failed
- Paypal SDK Problems with OAuthTokenCredential
- PayPal REST API returning 500 Server error for credit Card Token