Search code examples
restcurlpaypal

PayPal API fails with seemingly correct Token

I had a working test version using the PayPal API in javascript. When I translated it to Curl so I could run it server side and obscure the credentials, I can still properly get a token, but all other endpoints fail Authorization:

curl https://api.sandbox.paypal.com/v1/oauth2/token \
 -H 'Accept: application/json' \
 -H 'Accept-Language: en_US' \
 -u 'XXXCLIENT_IDXXX':'XXXSECRETXXX' \
 -d grant_type=client_credentials

$VAR1 = {
          'app_id' => 'APP-80W284485P519543T',
          'scope' => 'https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/payments/refund https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks',
          'expires_in' => 32329,
          'token_type' => 'Bearer',
          'nonce' => '2023-10-09T15:32:55Zhrzfg_lRlbaSCIW8HMlnO5rV1Yp_MQ4TKGag2B8zoBw',
          'access_token' => 'A21AAIZFjd0g3gpxiHckR1s60mg17K8GtlcvypfSxzKxWAFBFpeqM7t_8XdifcV1RRBwUvFeExF_OgKU2-PWxGS0oZeLDZ4-Q'
        };

curl -v -X POST https://api.sandbox.paypal.com/v2/invoicing/invoices  \
-H 'Authorization : Bearer A21AAIZFjd0g3gpxiHckR1s60mg17K8GtlcvypfSxzKxWAFBFpeqM7t_8XdifcV1RRBwUvFeExF_OgKU2-PWxGS0oZeLDZ4-Q' \
-H 'Content-Type: application/json' \
-H 'Prefer: return=representation' \
-d '{
....
}'
$VAR1 = {
          'message' => 'Authentication failed due to invalid authentication credentials or a missing Authorization header.',
          'links' => [
                       {
                         'rel' => 'information_link',
                         'href' => 'https://developer.paypal.com/docs/api/overview/#error'
                       }
                     ],
          'name' => 'AUTHENTICATION_FAILURE'
        };

What's going on? The auth header is clearly there.

Solution

  • Problem

    Hi, I'm pretty sure there is a syntax error in your code:

    ....
-H 'Authorization : Bearer A21AAIZFjd0g3gpxiHckR1s60mg17K8GtlcvypfSxzKxWAFBFpeqM7t_8XdifcV1RRBwUvFeExF_OgKU2-PWxGS0oZeLDZ4-Q' \
....
}

    Error:

    -H Authorization : Bearer YOUR_TOKEN
                ^
            error here

    It should not have a "spacing" after the word Authorization. The correct way should be:

    Correct:

    -H Authorization: Bearer YOUR_TOKEN