PayPal Community

I am trying to integrate payment by presenting both PayPal button and credit card fields (Advanced Checkout).

I am currently in sandbox mode.

My application gets the shipping address from the user in order to calculate shipping and get the actual total, after which the buyer can choose from paying with the PayPal button or entering their credit cart info through PayPal.

When I create an order with the Order V2 API, I pass the shipping address and set 'shipping_preference' to 'SET_PROVIDED_ADDRESS' in 'experience_context' which is supposed to have the behavior:

"""Get the merchant-provided address. The customer cannot change this address on the PayPal site. If merchant does not pass an address, customer can choose the address on PayPal pages."""

When I press the PayPal button, as expected it fills the shipping address with the one my application provides.

However, I can still change it to a different one. This is not supposed to be possible.

Code:

const base = "https://api-m.sandbox.paypal.com"
/**
 * Create an order to start the transaction.
 * @See https://developer.paypal.com/docs/api/orders/v2/#orders_create
 */
export async function createOrder(
    cartRaw: any, // LocalStorageCartType
): Promise<{
    
}> {

    console.log('create order ', cartRaw)
    
    // todo
    const price = 100

    const accessToken = await generateAccessToken()
    const url = `${base}/v2/checkout/orders`
    const payload = {
        intent: "CAPTURE",
        purchase_units: [{
            amount: {
                currency_code: "USD",
                value: price,
            },
            shipping: {
                type: 'SHIPPING',
                name: {
                    full_name: 'John Doob'
                },
                address: {
                    address_line_1: '317 W Embargo St.',
                    address_line_2: '',
                    admin_area_1: 'NY',
                    admin_area_2: 'Rome',
                    postal_code: '13440',
                    country_code: 'US'
                }
            }
        }],
        payment_source: {
            paypal: {
                experience_context: {
                    brand_name: 'test brand name',
                    shipping_preference: 'SET_PROVIDED_ADDRESS',
                    user_action: 'PAY_NOW',
                    payment_method_preference: 'IMMEDIATE_PAYMENT_REQUIRED',
                },
            },
            card: {
                // experience_context: {
                //     brand_name: 'test brand name',
                //     shipping_preference: 'SET_PROVIDED_ADDRESS',
                //     user_action: 'PAY_NOW',
                //     payment_method_preference: 'IMMEDIATE_PAYMENT_REQUIRED',
                // },
                attribute: {
                    verification: {
                        method: "SCA_WHEN_REQUIRED",
                    },
                },
            },
        },
        // deprecated
        // application_context: {
        //     brand_name: 'test_brand_name',
        //     shipping_preference: 'SET_PROVIDED_ADDRESS'
        // }
    }
    const response = await fetch(url, {
        headers: {
            "Content-Type": "application/json",
            Authorization: `Bearer ${accessToken}`,
            // Uncomment one of these to force an error for negative testing (in sandbox mode only). Documentation:
            // https://developer.paypal.com/tools/sandbox/negative-testing/request-headers/
            // "PayPal-Mock-Response": '{"mock_application_codes": "MISSING_REQUIRED_PARAMETER"}'
            // "PayPal-Mock-Response": '{"mock_application_codes": "PERMISSION_DENIED"}'
            // "PayPal-Mock-Response": '{"mock_application_codes": "INTERNAL_SERVER_ERROR"}'
        },
        method: "POST",
        body: JSON.stringify(payload),
    })

    return handleResponse(response)
}

Behavior (buyer still able to change address):