Overview

Payment Authorization is the last API call in the PayPal checkout flow, and it is used to finally authorize the payment. If the ResponseCode from the Payment Authorization response is Success then the Order has been placed successfully and the PayPal checkout flow is complete.

The Payment Authorization API uses the Vault Id created through either the PayPal DoAuthorization or PayPal Vault Id Creation APIs; Along with that include the optional Customer Id in the request to link Vault Ids under the same Shopper. If not provided, PayPal will generate a Customer Id automatically.

Auto-Capture and Post-Capture flows are specificed by the authorizationMode chosen by the Webstore.

URI Description

Action URI Template URI Example Request Content Type Response Content Type
POST /vM.m/stores/{StoreID}/payments/authorization/create/{tenderType}.json /v1.0/stores/TMSUS/payments/authorization/create/PY.json application/json application/json

Request Elements

Element Required Description Type Restriction
createTimestamp Yes Timestamp when the request is sent String dateTime
orderInformation Yes Information about the order which is the unique identifier of an order. ObjectType  
orderInformation.softDescriptor Yes Merchants to pass their soft description to be displayed on the shoppers bank statement, generally business name in short form. String Min 1 characters Max 130 characters
orderInformation.orderId Yes Unique identifier for an order. String Min 3 char Max 40 characters
paymentMethod Yes Unique identifier of the payment transaction for the order. ObjectType  
paymentMethod.payPalVaultData Yes Payment Information of the PayPal. ObjectType  
paymentMethod.payPalVaultData.id Yes PayPal Vault Id is created through either the PayPal DoAuthorization API or the PayPal Payment Method Create API. String Min 4 characters
paymentMethod.payPalVaultData.customerId No PayPal customer id. Customer Id will be present only when Vault is enabled. String Min 4 characters
amounts Yes Amount value and currency code of the order ObjectType  
amounts.total Yes Total amount value and currency code of the order ObjectType  
amounts.total.currencyCode Yes The currency of the order amount ISO 4217 currency code  
amounts.total.value Yes Total value of the authorization. Decimal Min 0.00 Max 9 digits Fraction 2 digits
billingInformation Yes Represents Billing Information of the order. Contains Shopper Contact Information and Address. ObjectType  
billingInformation.address Yes Represents Shopper billing address information. ObjectType  
billingInformation.address.line1 Yes The line1 components contain the street address. String Min 1 character Max 70 characters
billingInformation.address.city Yes City of the Billing Address. String Min 1 character Max 40 characters
billingInformation.address.mainDivision Yes Typically, a two- or three-digit postal abbreviation for the state or province. ObjectType  
billingInformation.address.mainDivision.code Yes Typically, a two- or three-digit postal abbreviation for the state or province. This does not necessarily conform to the ISO 3166-2 code. String Min 1 character Max 5 characters
billingInformation.address.country Yes Two-digit ISO country code conforming to ISO 3166 alpha 2. See: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 String  
billingInformation.address.postalCode Yes Postal code of the Billing Address. String Min 1 character Max 35 characters
billingInformation.contact Yes Represents Shopper billing contact information. ObjectType  
billingInformation.contact.person Yes Represents Shopper billing contact person information. ObjectType  
billingInformation.contact.person.name Yes Represents Shopper billing contact person name information. ObjectType  
billingInformation.contact.person.name.firstName Yes The first name of the Shopper placing the order. String Min 1 Character Max 64 characters
billingInformation.contact.person.name.lastName Yes The last name of the Shopper placing the order. String Min 1 Character Max 64 characters
billingInformation.contact.emailAddresses Yes Email address of the Shopper. Array of String Min 3 characters Max 150 characters
billingInformation.contact.phoneNumbers Yes Shopper phone number used for order follow-up. Array of String Min 10 characters Max 40 characters
shippingInformation Yes Represents Shipping Information of the order. Contains Shopper Contact Information and Address. ObjectType  
shippingInformation.address Yes Represents Shopper shipping address information. ObjectType  
shippingInformation.address.line1 Yes The line1 components contain the street address. String Min 1 character Max 70 characters
shippingInformation.address.city Yes City of the Shipping Address. String Min 1 character Max 40 characters
shippingInformation.address.mainDivision Yes Typically, a two- or three-digit postal abbreviation for the state or province. ObjectType  
shippingInformation.address.mainDivision.code Yes Typically, a two- or three-digit postal abbreviation for the state or province. This does not necessarily conform to the ISO 3166-2 code. String Min 1 character Max 5 characters
shippingInformation.address.country Yes Two-digit ISO country code conforming to ISO 3166 alpha 2. See: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 String  
shippingInformation.address.postalCode Yes Postal code of the Shipping Address. String Min 1 character Max 35 characters
shippingInformation.contact Yes Represents Shopper shippingInformation contact information. ObjectType  
shippingInformation.contact.person Yes Represents Shopper shippingInformation contact person information. ObjectType  
shippingInformation.contact.person.name Yes Represents Shopper shippingInformation contact person name information. ObjectType  
shippingInformation.contact.person.name.firstName Yes The first name of the Shopper placing the order. String Min 1 Character Max 64 characters
shippingInformation.contact.person.name.lastName Yes The last name of the Shopper placing the order. String Min 1 Character Max 64 characters
shippingInformation.contact.emailAddresses Yes Email address of the Shopper. Array of String Min 3 characters Max 150 characters
shippingInformation.contact.phoneNumbers Yes Shopper phone number used for order follow-up. String Min 10 characters Max 40 characters
processingOptions No Processing options. ObjectType  
processingOptions.authorizationMode No Processing option for the shipment. Enum It only allows AUTO_CAPTURE. To enable AutoCapture set authorizationMode as AUTO_CAPTURE, otherwise ignore processingOptions object for post-capture.

Request Example

Payment Authorization request with Post-Capture.

Copy
{
    "orderInformation": {
        "orderId": "365",
        "softDescriptor": "Paypal*Amazon*5699 $40.00"
    },
    "requestId": "PAYAU541501814",
    "createTimestamp": "2025-04-02T09:29:13Z",
    "paymentMethod": {
        "payPalVaultData": {
            "id": "7c282279pb3649525"
        }
    },
    "amounts": {
        "total": {
            "currencyCode": "USD",
            "value": 45
        }
    },
    "billingInformation": {
        "address": {
            "city": "King of Prussia",
            "country": "US",
            "line1": "935 First Ave",
            "mainDivision": {
                "code": "PA"
            },
            "postalCode": "19406"
        },
        "contact": {
            "emailAddresses": [
                "testtest@gmail.com"
            ],
            "person": {
                "name": {
                    "firstName": "Test",
                    "lastName": "Tester"
                }
            },
            "phoneNumbers": [
                "9876543120"
            ]
        }
    }
}

Payment Authorization request with Auto-Capture

Copy
{
    "orderInformation": {
        "orderId": "365"
    },
    "requestId": "PAYAU541501814",
    "createTimestamp": "2025-04-02T09:29:13Z",
    "paymentMethod": {
        "payPalVaultData": {
            "id": "7c282279pb3649525"
        }
    },
    "amounts": {
        "total": {
            "currencyCode": "USD",
            "value": 45
        }
    },
    "billingInformation": {
        "address": {
            "city": "King of Prussia",
            "country": "US",
            "line1": "935 First Ave",
            "mainDivision": {
                "code": "PA"
            },
            "postalCode": "19406"
        },
        "contact": {
            "emailAddresses": [
                "testtest@gmail.com"
            ],
            "person": {
                "name": {
                    "firstName": "Test",
                    "lastName": "Tester"
                }
            },
            "phoneNumbers": [
                "9876543120"
            ]
        }
    },
    "processingOptions": {
      "authorizationMode": "AUTO_CAPTURE"
   }
}

Response Elements

Element Required Description Type Restriction
success Yes Attribute that indicates whether the authorization is success or not. Boolean true or false
result Yes This contains details of the authorization result. ObjectType  
orderId Yes Unique identifier for an order. String Min 3 characters Max 40 characters
paymentMethod Yes Unique identifier of the payment transaction for the order. ObjectType  
paymentMethod.tender Yes Identifies the tender. PY is the tender for PayPal. String Only 2 characters
paymentMethod.accountIdentifier Yes Contains identifier and token information. ObjectType  
paymentMethod.accountIdentifier.identifier Yes PAYPAL String  
paymentMethod.accountIdentifier.token Yes Attribute that indicates whether the account identifier is tokenized. Boolean true or false
result.amountAuthorized Yes Amount value and currency code of the order ObjectType  
result.amountAuthorized.value Yes Total value of the authorization. Decimal Min 0.00 Max 9 digits Fraction 2 digits
result.amountAuthorized.currencyCode Yes The currency of the order amount ISO 4217 currency code  
result.responseCode Yes Used by client to determine APPROVED or DECLINED or ERROR response. Enum Can be any of these values: APPROVED DECLINED ERROR
result.responseCodeDescription Yes Reponse code description. String  
errors.systemId Yes Radial generated unique identifier for the error. String  
errors.code Yes Error code of the transaction. Enum TIMEOUT
errors.message Yes Error code description. String  
riskData No Risk data from PayPal. ObjectType  
riskData.paymentStatus No Payment status information. enum COMPLETE
riskData.payerInformation No Payer Information. ObjectType
riskData.payerInformation.payerId No Payer Id. String Max 40 Characters
riskData.payerInformation.payerStatus No Give the status of the payer, whether payer is Verified or Unverified payer. String VERIFIED, UNVERIFIED
riskData.payerInformation.contact No Payer Contact Information of the payer. ObjectType
riskData.payerInformation.contact.emailAddresses No Payer contact email addresses. Array Min 3 characters Max 150 characters
riskData.payerInformation.contact.phoneNumbers No Payer contact phone numbers. Array Min 10 characters Max 40 characters
riskData.payerInformation.address No Payer Contact address. ObjectType
riskData.payerInformation.country No Payer country. String 2 Characters.

Two digit ISO 3166 alpha 2 code country code. See: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2.

riskData.paypal No PayPal Protection Information. ObjectType
riskData.paypal.protectionEligibility No PayPal Protection Eligibility. String It can be "ELIGIBLE", "PARTIALLY_ELIGIBLE" or "INELIGIBLE"
riskData.paypal.expressCheckoutToken No PayPal Express checkout token. String Min 3 characters Max 40 characters
riskData.paypal.protectionEligibilityTypes No PayPal Express protection eligibility type. Array It can be ITEM_NOT_RECEIVED or UNAUTHORIZED_TRANSACTION

Success Response Example

Payment Authorization Response with Post-Capture

Copy
{
    "success" : true,
    "requestId" : "PAYAU1043050331",
    "result" : {
        "orderId" : "359",
        "paymentMethod" : {
            "tender" : "PY",
            "accountIdentifier" : {
                "identifier" : "PAYPAL",
                "token" : true
            }
        },
        "responseCode" : "APPROVED",
        "amountAuthorized" : {
            "value" : 45,
            "currencyCode" : "USD"
        },
        "riskData" : {
            "paymentStatus" : "COMPLETED",
            "payerInformation" : {
                "payerId" : "QHR4ZMQ8FZ5K6",
                "payerStatus" : "VERIFIED",
                "contact" : {
                    "emailAddresses" : [
                        "qa@gsi.com"
                    ],
                    "phoneNumbers" : [
                        "4843407988"
                    ]
                },
                "address" : {
                    "country" : "US"
                }
            },
            "paypal" : {
                "protectionEligibility" : "ELIGIBLE",
                "expressCheckoutToken" : "07W52911LT768222D",
                "protectionEligibilityTypes" : [
                    "ITEM_NOT_RECEIVED",
                    "UNAUTHORIZED_TRANSACTION"
                ]
            }
        }
    }
}

Payment Authorization Response with Auto-Capture

Copy
{
    "success" : true,
    "requestId" : "PAYAU541501814",
    "result" : {
        "orderId" : "365",
        "paymentMethod" : {
            "tender" : "PY",
            "accountIdentifier" : {
                "identifier" : "PAYPAL",
                "token" : true
            }
        },
        "responseCode" : "SUCCESS",
        "amountAuthorized" : {
            "value" : 45,
            "currencyCode" : "USD"
        },
        "riskData" : {
            "paymentStatus" : "COMPLETED",
            "payerInformation" : {
                "payerId" : "QHR4ZMQ8FZ5K6",
                "payerStatus" : "VERIFIED",
                "contact" : {
                    "emailAddresses" : [
                        "qa@gsi.com"
                    ],
                    "phoneNumbers" : [
                        "4843407988"
                    ]
                },
                "address" : {
                    "country" : "US"
                }
            },
            "paypal" : {
                "protectionEligibility" : "ELIGIBLE",
                "expressCheckoutToken" : "9MP514270K5810902",
                "protectionEligibilityTypes" : [
                    "ITEM_NOT_RECEIVED",
                    "UNAUTHORIZED_TRANSACTION"
                ]
            }
        }
    }
}

Response Handling

The Payment Authorization request and response handling include failure, fault and timeout scenarios.

Failure Processing

A Failure in the Payment Authorization call will return Failure in the ResponseCode, as shown in the following example.

In the event of a Failure, ensure the different request ID is passed to support idempotency detection.

Example: 1

Copy
{
    "success" : false,
    "requestId" : "PAYAU1986296268",
    "result" : {
        "orderId" : "267",
        "paymentMethod" : {
            "tender" : "PY",
            "accountIdentifier" : {
                "identifier" : "PAYPAL",
                "token" : true
            }
        },
        "responseCode" : "FAIL",
"responseCodeDescription" : "If the currency supports decimals, only two decimal place precision is
supported. (field: /purchase_units/@reference_id=='default'/amount/value, value: 109.0000)",
        "amountAuthorized" : {
            "value" : 0,
            "currencyCode" : "USD"
        }
    }
}

Example: 2

Copy
{
    "success" : false,
    "requestId" : "Testt-12345",
    "result" : {
        "orderId" : "267",
        "paymentMethod" : {
            "tender" : "PY",
            "accountIdentifier" : {
                "identifier" : "PAYPAL",
                "token" : true
            }
        },
        "responseCode" : "FAIL",
"responseCodeDescription" : "You do not have permission to access or perform operations on this
resource.",
        "amountAuthorized" : {
            "value" : 0,
            "currencyCode" : "USD"
        }
    }
}

If the ResponseCode value is Failure, the following steps should be performed to conclude the Express Checkout flow:

The webstore refuses the order and show the Shopper alternate payment options.

For details of the PayPal Payment Authorization request and response, see PayPal Payment Authorization Using Vault Id.

Timeout Processing

If the ResponseCode value is Timeout, the webstore can retry the Payment Authorization call. The following example shows a timeout response.

In the event of a Timeout, ensure the same request ID is passed to support idempotency detection.

Copy
{
    "success" : false,
    "requestId" : "526ae2b0-c763-4046-b012-9655a0e9bc1d",
    "errors" : [
        {
            "systemId" : "890664a3-8ae7-4b23-8ca4-b755bdda3d25",
            "code" : "TIMEOUT",
            "message" : "A gateway timeout occurred while processing the request."
        }
    ]
}

Radial recommends a maximum of three retry attempts, but the Payment service does not enforce a specific limit in the number of retries.

For detailed API interactions, refer to: PayPal SetExpress, PayPal Vault Creation, PayPal Payment Authorization Using Vault Id and PayPal Vault Id Deletion.

Fault Response

The errors are the list.

Copy
{
    "success": false,
    "errors": [
        {
            "systemId": "84d256fa-5515-48a9-bd2f-cdb1495ba28a",
            "code": "InvalidRequestJsonException",
            "message": "$: required property 'createTimestamp' not found"
        },
        {
            "systemId": "322a1744-92de-4821-a483-0c6006c544e8",
            "code": "InvalidRequestJsonException",
            "message": "$: required property 'requestId' not found"
        }
    ]
}

Next Step

If the Vault Id is no longer needed, delete it using the Payment Method Delete call.