I’m writing a service (in .NET Core 3.1 and Refit if it matters) that pulls transaction activities from my PayPal business account for a given date range to use on an admin dashboard. Currently I’m following the tutorial here:
https://developer.paypal.com/docs/api/get-an-access-token-postman/
and here:
https://developer.paypal.com/docs/api/transaction-search/v1/
The first part, I can get an authorization key just fine (using curl or postman, curl below
curl --location --request POST 'https://api.paypal.com/v1/oauth2/token'
--header 'Content-Type: application/x-www-form-urlencoded'
--header 'Authorization: Basic <my client id>:<my secret>'
--header 'Content-Type: application/x-www-form-urlencoded'
// not sure what this is, postman specific maybe?
--header 'Cookie: tsrce=devdiscoverynodeweb; ts=vr%3D0cee9361171ac120001362adffec14c3%26vreXpYrS%3D1679730671%26vteXpYrS%3D1585061694%26vt%3D0cee9390171ac120001362adffec14c2'
--data-urlencode 'grant_type=client_credentials'
This gives me an auth token both in postman and my custom service just fine. Next, when I try to pull the transactions (both in Postman and in code), I get an error
cUrl:
curl --location --request GET 'https://api.paypal.com/v1/reporting/transactions?start_date=2020-03-01T00:00:00Z&end_date=2020-03-31T23:59:59Z'
--header 'Authorization: Bearer <my token>'
// Postman???
--header 'Cookie: tsrce=devdiscoverynodeweb; ts=vr%3D0cee9361171ac120001362adffec14c3%26vreXpYrS%3D1679730671%26vteXpYrS%3D1585061694%26vt%3D0cee9390171ac120001362adffec14c2'
Error:
{
"localizedMessage": "No permission for the requested operation. ",
"suppressed": [],
"name": "PERMISSION_DENIED",
"message": "No permission for the requested operation. ",
"details": [
{
"field": null,
"value": null,
"location": null,
"issue": "No permission for the requested operation. "
}
],
"information_link": "https://developer.paypal.com/docs/classic/products/permissions/",
"debug_id": "7e315038e8073"
}
The info link in the error starts talking about 3rd party permissions, which I’m not sure is applicable because it is my Business account. Anyone have any ideas? I checked transaction history on my app in PayPal, so I’m at a lost.
Thanks in advance
3
Answers
You need the scope
https://uri.paypal.com/services/reporting/search/read
.. if it’s not there in the oauth2 response, double check your REST App’s permissions.Refreshing an access token
Existing access tokens are cached for 9 hours–so if you already requested an API token and then just added this permission to your app, it can take up to 9 hours for that permission’s new scope to be reflected in the next token’s generation.
To avoid waiting 9 hours, you can terminate that existing cached token with:
After termination, your next call to get a token will get a newly-generated one, including the new scope that was just added to the REST app.
I have had the same issue and after much looking around I fixed it by:
Hope this helps someone else, I know the question is old!
It helped me to do the following:
Add the permissions in the development app.
Generate the token again
and ready!!