PayPal Community

dcordes · ‎Oct-07-2024

This error code just started showing up today. We are using the PayPal NVP implementation and are currently sending Version = 58.0 in our API call.

Does anyone know what version I should be sending? When I look at the documentation below, "version" isn't even an input parameter, so I have no idea what to do here.

https://developer.paypal.com/api/nvp-soap/do-direct-payment-nvp/

Thanks for any help.

trepstar · ‎Oct-09-2024

Hi Jerry

Thank you for your help so far.

I also do basic CC processing. Our online form collects the customer shipping address and CC info (card name, number, expire, cvv). Then we submit that NVP string to the DoDirectPayment method.

Using the new REST API that you describe, it looks to me like we would use the PaymentSource > card object on the request? Do you have any sample request JSON that you created for the create and capture step you describe? Maybe you could post some of it here. Thank you for your help so far. At least we know it can be done this way.

I was able to start this and get the authentication step complete but I have not yet moved onto the other steps create and capture.

sunstarjeff · ‎Oct-09-2024

To jerrycin and dcordes:

It seems like the three of us are in the same boat (we're using CFML as well).

We have the same questions as dcordes. Would either of you be willing to collaborate with us? My business partner is a CFML programmer too and we haven't started anything yet.

JoseMiguel7 · ‎Oct-10-2024

Hello everyone, I just received this message from PayPal:

"The PayPal Product Developers have stated that they are rolling back a push that had created this issue and it should be fixed within a few hours from now. I will update you again as soon as I hear that the fix has been completed.
I apologize for the inconvenience and thank you for your patience!"

jerrycin · ‎Oct-10-2024

For you Adobe Coldfusion CFML guys who all of a sudden had their NVP code stop working this week here is the basic structure of what I used to get up and going again using the PayPal REST API. Some were asking for my code. This was my test file as I was testing the API and not my production version. Sorry the tabs didn't paste well, so might be hard to read. Enjoy.

</CFHTTP>

<CFSET json = '{

"intent": "CAPTURE",

"purchase_units": [

{

"description": "test",

"invoice_id": "#transactionID#",

"custom_id": "#transactionID#",

"amount": {

"currency_code": "USD",

"value": "1.00"

}

],

"payment_source": {

"card": {

"name": "John Doe",

"number": "xxxxxxxxxxxxxxxxxxxx",

"expiry": "2029-03",

"type": "credit",

"brand": "visa"

}

}'>

</CFHTTP>

</CFHTTP>

</CFIF>

</CFIF>

</CFIF>

trepstar · ‎Oct-11-2024

That is very helpful Jerry. Did any of you see this warning:

...Note: Passing card number, cvv and expiry directly via the API requires PCI SAQ D compliance. ...
on this document https://developer.paypal.com/docs/api/orders/v2/#orders_create!path=purchase_units&t=request

While NVP is working again (for the time being), and it is best to go to a newer solution, does it seem like paypal will soon require PCA SAQ D (which looks like a lot of wasted time and energy)?

Also Jerry, based on your sample, doesn't the order require the full billing address for the card to be successfully charged?

GamesOver · ‎Oct-11-2024

Hey @jerrycin , I wrote a ColdFusion CFC for PayPal's REST API as a result of this recent NVP issue too. I plan on sharing it via on Twitter/X & my blog after I've performed some more tests on production websites.

I've added caching to the token generation so that it's automatically fetched & refreshed as needed without ever having to explicitly check. (I've added a method to call it if needed for testing/refresh purposes.)

When generating transactionID, an integer may be fine, but could be duplicated randomly and should always be unique... consider using createUUID() instead.

I noticed that your example CFML code passes "type" &"brand" in the createOrder payment_source object. I don't see these keys listed in the official documentation. It's interesting that their API ignored the invalid keys rather than throwing an error.

The integration for the library I'm working on looks like this:

playPalClient = [
	"name": "MyClient"
	,"clientid": "3d56cbf6-02e2-4125-9d91-33465e04a56f-fake"
	,"secret": "9763ea1b-3baa-4439-9e1d-df91aa19b936-fake"
	,"descriptor": "ADDED-TO-CC-STATEMENT"
	,"developmentMode": true
];

payPalApi = new PaypalRestAPI(
	clientId = playPalClient.clientId
	,clientSecret = playPalClient.secret
	,descriptor = playPalClient.descriptor
	,developmentMode = playPalClient.developmentMode
);

requestId = createuuid();

orderData = [
	"requestId": requestId
	,"amount": 15
	,"name": "Joe CardUser"
	,"cardnumber": "4556747948786484" // PayPal test
	,"expdate": dateadd("m", 2, now()) // "yyyy-mm" or pass a date
	,"cvv2": "789"
	,"address": "123 ABC Street"
	,"city": "Anytown"
	,"state": "CA"
	,"zip": "90210"
	,"country": "US"
];

order = payPalApi.createOrder(argumentcollection=orderData);

if (order.responseCode neq "0000"){
	writeoutput("CreateOrder Error: #order.errorMessage#");
	//writedump(var=order, label="order");
	exit;
}

orderDataToCapture = [
	"requestId": requestId
	,"id": order.id
];

capturedOrder = payPalApi.capture(argumentcollection=orderDataToCapture);

if (capturedOrder.responseCode neq "0000"){
	writeoutput("Capture Error: #order.errorMessage#");
	// writedump(var=order, label="order");
	exit;
}

writeoutput("Success: Transaction ID #capturedOrder.id#");
writedump(var=capturedOrder, label="capturedOrder");

GamesOver · ‎Oct-15-2024

@jerrycinI modified the logic that we use so that "create order" doesn't initially contain any cardholder data. The CC data isn't required until the final "capture order" process. (The "capture" endpoint requires "payment_source" it it's not already part of the order.)

Our decision to change this workflow was because a CF error occurred after the order creation and the payment was still processed without any post-creation capture. Posting the CC info as part of the finalized capture seemed to be a safer approach.

GamesOver · ‎Oct-11-2024

The official PayPalDev Twitter account has stated that the NVP issue has been resolved as of 10/11/2024 09:31 Pacific)

https://x.com/paypaldev/status/1844777910806135049

NOTE: PayPal's regex incorrectly identified an ISO date as a phone number. I had to edit this entry twice. #smh

If NVP doesn't work, please respond within this thread or consider reaching out on Twitter. (I think issues like this tend to get more attention and fixed faster when publicly discussed outside of PayPal's internal forum.)

GamesOver · ‎Oct-15-2024

I've shared a ColdFusion PayPal REST API CFC on my blog:
https://dev.to/gamesover/coldfusion-paypal-rest-api-cfc-339p

This CFC supports simple createOrder and captureOrder functions and is CF2016+ compatible.

jerrycin · ‎Oct-16-2024

@GamesOver

I moved my Payment Card Info out of Create Order and into Capture order as you suggested.

Have you had any issues with the "PAYER_ACTION_REQUIRED" issue on some cards with REST API? I run a backend subscription charger that charges stored cards monthly in different amounts based on activity and I have one American Express card in Italy that keeps on kicking this back during the Capture Order stage. "Payer needs to perform the following action before proceeding with payment" then a link is provided in the REST return. I never had this issue on NVP, and might have to go back to it, as there is no one to acknowledge the action in the backend system.

PayPal Community

PayPal NVP - Error Code 10006 - Version Error

Haven't Found your Answer?