Getting PayPal up and running is simpler than it seems, however I found there is something "bewildering" about the PayPal website, the range of options they offer and their sandbox. This is to share the things I have learnt.
Mass Payments is sending money to a large number of people. Not useful for me. Website Payments Standard offers lots of "clever" buttons which you can embed on a static site. Forget about it. Mobile Checkout is engineered for WAP. Not interested. Payflow Pro has PayPal act as an intermediary to a third party gateway. Can't see the point in this. Website Payment Pro Payflow edition is just a variant on Payflow, so again, not interested.
Website Payments Pro (Express Checkout and Direct Payment)
Once I focussed my mind on Website Payments Pro, things slotted into place. WPP consists of Express Checkout - where you dump your customer at PayPal and they use their PayPal account, and Direct Payment where you grab customer's credit card data your end, and post it to PayPal in the background. Direct Payment does not require a PayPal account - however it should be obvious that SSL is a requirement, as you are grabbing sensitive info your end.
Direct Payments is the real win here effectively its a very simple to use payment gateway at a reasonable cost from PayPal. However - the WPP offering is the combination of them both - Express Checkout and Direct Payments - so if you implement Direct Payments you are obliged to offer Express Checkout too - in order to redirect people into creating PayPal accounts I would warrant. This is not too much sweat however.
1. Creating a PayPal developer account.
First step is to create a PayPal developer account, this is not the same thing as the account you will use to access the API - this is the account you need to then create test API accounts. So this is a first step:
2. Create Sandbox account to test with.
Once you are logged into the PayPal sandbox "center" then you can create an account within the Sandbox to test with. There is a macro for creating preconfigured types of accounts- effectively you want the test version of a merchant account with WPP enabled. Select "add account" and then add a WPP test account. It will generate some rubbish email address based on what you enter. Emails sent to this address in the course of testing (i.e. notification of purchases etc) will go to an integrated webmail section of the Sandbox site. Don't forget the password you use to create the sandbox merchant account! It is different from the API password and you will need it to view the status of transactions during testing.
At this point also treat yourself by setting up an additional account to act as the customer when testing express payments.
Once you have created your Sandbox merchant WPP account, you can then browse the details of this account on the "API Credentials" menu item. You should have the following details:
- API_USER_NAME: This is just a test Merchant username for API calls.
- API_PASSWORD: The password.
- API_SIGNATURE: This is the additional signature for accessing the API.
However, with these three items you should be set to access the API. I'll be doing so using Python.
3. Hit the NVP API webservice and do stuff.
At this stage its worth digressing on the sorts of flows which will need to be implemented. Step -1 is that your marketing will work, the customer will come to your site, feel excited / relieved to have found something they want to buy, and will use whatever system of button pressing you have implemented to add the item to their shopping cart. The following account begins at the point where they click "checkout".
- You offer the customer the option to enter credit card details on your site (Direct Payments) or use Express Checkout. They choose the latter.
- You POST using the NVP API to the SetExpressPayment method. This POST includes your API key, the amount of the transaction plus return and cancel URLs for PayPal to return your customer to.
- You receive an "express checkout token" in response. You construct a URL based off a static PayPal URI plus this token, and redirect your customer to it.
- The customer completes their purchase in PayPal by either entering their PayPal account details or creating a new PayPal account.
- PayPal will then redirect the customer back to your site, appending URL parameters containing the Express Checkout token and the Payer ID, which identifies the customer.
- You then call DoExpressCheckoutPayment method using the NVP API passing in the "express checkout token", the Payer ID you got back in step 5 and the same amount you passed along in the first instance. PayPal sends you a confirmation as a reply in NVP.
- The customer gets a confirmation email from PayPal, and the test merchant account has the transaction posted into it. You can check this from the Sandbox "center" site "Test Email" section.
So here's a sample script for this which can be run from the command line / IDLE etc. Note you need to copy paste the payer ID from query URL in the browser after you get back from PayPal into the script.
The above is heavily based on the example here
So that's Express Checkout - given this post has turned into a complete monster I'm going to leave Direct Payments for another day and another post. Hope someone finds this post useful!