PayPal 交易搜索 API:PERMISSION_DENIED,请求的操作没有权限
[英]PayPal Transaction Search API: PERMISSION_DENIED, No Permission for the requested operation
问题描述
I'm writing a service (in .NET Core 3.1 and Refit if it matters) that pulls transaction activities from my PayPal business account for a given date range to use on an admin dashboard.
我正在编写一项服务(在 .NET Core 3.1 和 Refit 中,如果重要的话),它从我的 PayPal 业务帐户中提取给定日期范围内的交易活动,以在管理仪表板上使用。 Currently I'm following the tutorial here:目前我正在关注这里的教程:
https://developer.paypal.com/docs/api/get-an-access-token-postman/ https://developer.paypal.com/docs/api/get-an-access-token-postman/
and here:和这里:
https://developer.paypal.com/docs/api/transaction-search/v1/https://developer.paypal.com/docs/api/transaction-search/v1/
The first part, I can get an authorization key just fine (using curl or postman, curl below第一部分,我可以得到一个授权密钥就好了(使用 curl 或 postman,curl 下面
curl --location --request POST 'https://api.paypal.com/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic <my client id>:<my secret>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
// not sure what this is, postman specific maybe?
--header 'Cookie: tsrce=devdiscoverynodeweb; ts=vr%3D0cee9361171ac120001362adffec14c3%26vreXpYrS%3D1679730671%26vteXpYrS%3D1585061694%26vt%3D0cee9390171ac120001362adffec14c2' \
--data-urlencode 'grant_type=client_credentials'
This gives me an auth token both in postman and my custom service just fine.这在邮递员和我的自定义服务中都为我提供了一个身份验证令牌。 Next, when I try to pull the transactions (both in Postman and in code), I get an error接下来,当我尝试提取交易(在 Postman 和代码中)时,我得到一个错误
cUrl:卷曲:
curl --location --request GET 'https://api.paypal.com/v1/reporting/transactions?start_date=2020-03-01T00:00:00Z&end_date=2020-03-31T23:59:59Z' \
--header 'Authorization: Bearer <my token>' \
// Postman???
--header 'Cookie: tsrce=devdiscoverynodeweb; ts=vr%3D0cee9361171ac120001362adffec14c3%26vreXpYrS%3D1679730671%26vteXpYrS%3D1585061694%26vt%3D0cee9390171ac120001362adffec14c2'
Error:错误:
{
"localizedMessage": "No permission for the requested operation. ",
"suppressed": [],
"name": "PERMISSION_DENIED",
"message": "No permission for the requested operation. ",
"details": [
{
"field": null,
"value": null,
"location": null,
"issue": "No permission for the requested operation. "
}
],
"information_link": "https://developer.paypal.com/docs/classic/products/permissions/",
"debug_id": "7e315038e8073"
}
The info link in the error starts talking about 3rd party permissions, which I'm not sure is applicable because it is my Business account.错误中的信息链接开始谈论第 3 方权限,我不确定这是否适用,因为它是我的企业帐户。 Anyone have any ideas?有人有想法么? I checked transaction history on my app in PayPal, so I'm at a lost.我在 PayPal 中检查了我的应用程序的交易历史记录,所以我很迷茫。
Thanks in advance提前致谢
3 个解决方案
解决方案1
15 已采纳 2020-03-25 16:38:09
You need the scope https://uri.paypal.com/services/reporting/search/read .. if it's not there in the oauth2 response, double check your REST App's permissions.您需要范围https://uri.paypal.com/services/reporting/search/read .. 如果 oauth2 响应中没有它,请仔细检查您的 REST 应用程序的权限。
Refreshing an access token刷新访问令牌
Existing access tokens are cached for 9 hours--so if you already requested an API token and then just added this permission to your app, it can take up to 9 hours for that permission's new scope to be reflected in the next token's generation.现有访问令牌缓存 9 小时 - 因此,如果您已经请求 API 令牌,然后只是将此权限添加到您的应用程序,则该权限的新范围可能需要长达 9 小时才能反映在下一代令牌中。
To avoid waiting 9 hours, you can terminate that existing cached token with:为避免等待 9 小时,您可以使用以下命令终止现有的缓存令牌:
curl -X POST https://api.sandbox.paypal.com/v1/oauth2/token/terminate \
-u "yourclientid:yoursecret" \
-d "token=REPLACE_WITH_YOUR_TOKEN"
After termination, your next call to get a token will get a newly-generated one, including the new scope that was just added to the REST app.终止后,您下一次获取令牌的调用将获得一个新生成的令牌,包括刚刚添加到 REST 应用程序的新范围。
解决方案2
2 2021-01-28 16:17:40
I have had the same issue and after much looking around I fixed it by:我遇到了同样的问题,经过多次环顾后,我通过以下方式修复了它:
- ticking the "Transaction Search" in the API in the payment dev account在支付开发账户的 API 中勾选“交易搜索”
- Adding Accept-Language: en_US and Content-Type: application/json to the headers which was the main struggle.将 Accept-Language: en_US 和 Content-Type: application/json 添加到标题中,这是主要的斗争。 Here is my final code (in PHP):这是我的最终代码(在 PHP 中):
<?
$clientId = 'AfC.....';
$secret = "EJs......";
$url_base= 'https://api-m.sandbox.paypal.com/';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url_base . "v1/oauth2/token");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json','Accept-Language: en_US'));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, $clientId.":".$secret);
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=client_credentials");
$result = curl_exec($ch);
if(empty($result))die("Error: No response.");
else
{//token received
$json = json_decode($result, true);
print_r($json['scope']);
//place a call
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url_base . "v1/reporting/transactions?start_date=2020-12-01T00:00:00-0700&end_date=2020-12-30T23:59:59-0700&fields=all");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json',"Authorization: Bearer ".$json['access_token']."", 'Accept-Language: en_US', 'Content-Type: application/json'));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($test));
$result = curl_exec($ch);
if(empty($result))die("Error: No response.");
else
{
$result= json_decode($result, true);
print_r($result);
}
}//end of token received
curl_close($ch);
Hope this helps someone else, I know the question is old!希望这对其他人有帮助,我知道这个问题很老了!
解决方案3
0 2022-07-12 06:14:25
It helped me to do the following:它帮助我做到了以下几点:
Add the permissions in the development app.
在开发应用程序中添加权限。 Generate the token again
再次生成令牌
and ready!!准备好了!!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.