paypal express checkout =>Error: Security header is not valid
Asked Answered
K

5

43

Error : Security header is not valid Array

(
    [TIMESTAMP] => 2014%2d04%2d29T07%3a24%3a29Z
    [CORRELATIONID] => 6af6749c848d6
    [ACK] => Failure
    [VERSION] => 109%2e0
    [BUILD] => 10800277
    [L_ERRORCODE0] => 10002
    [L_SHORTMESSAGE0] => Security%20error
    [L_LONGMESSAGE0] => Security%20header%20is%20not%20valid
    [L_SEVERITYCODE0] => Error
)

I am getting this error again and again and cannot move ahead. I had checked all the api username, password and signature, all are correct, but the main problem is that, all the things are already stored in paypal sandbox account but it cannot give back to the page. I mean to say transection is shown in sandbox account but it cannot send forward to the display page. Am I wrong somewhere?

Kania answered 29/4, 2014 at 7:48 Comment(1)
I was using the correct credentials, but apparently it won't work if you have a "+" in your email address. Well PayPal sucks, and we all know that.Jellybean
T
74

generally this error means you are not using the correct API credentials. If you are convinced your credentials are correct then take a look at your endpoint. Sandbox credentials will not be valid in the production environment and live credentials will produce this error in the sandbox

Titanomachy answered 29/4, 2014 at 11:55 Comment(5)
I was getting the same error as in the original question when I was using the following Golang PayPal package: github.com/crowdmob/paypal. In case someone else runs into a similar error, the relevant PAYPAL_TEST_USERNAME can be found under Sandbox -> Accounts -> Profile -> API Credentials and it will look like username-facilitator_api1.domain.com. It will not be the regular [email protected]. You will also find the relevant PAYPAL_TEST_PASSWORD on that page. Hopefully this saves someone some time.Weir
This is a good tip. I'd add that you need to make sure to choose a BUSINESS profile that is [email protected] otherwise the API Credentials tab won't appear in the Profile section. Here is a screenshot slidemodel.com/images/misc/…Odds
I do this several times a year and still have to look this up every time. This time the problem was as @Weir suggested: I had added the email/username without appending the _api1. PayPal is ridiculous.Murat
Thanks you @julianm, your response was the resolution for me.Destruct
I suggest also to check if there are no spaces before and after values which have been copied from PayPal page.Blowup
C
9

I had this issue because my login contained "+"(plus) sign. Finally I manually decoded it to "%2B" as described here http://www.zen-cart.com/showthread.php?80849-Plus-sign-%28-quot-quot-%29-in-user-name-causes-security-header-failure-in-Paypal-Express-Checkou and the issue gone.

Campobello answered 2/12, 2014 at 15:50 Comment(2)
You nailed it. I googled many pages and this is what helped. Thanks a lot.Nike
Exactly. Thanks a million. I like to use my gmail with + to add additional aliases and same error resolved after I remove + sign.Thomism
C
2

It doesn't always mean invalid API credential or wrong endpoint

If you're absolutely sure in this info, check the encoding you're making your request with - it should be UTF-8 without Byte-Order Mark (BOM), e.g (in Visual C# .NET)

var requestEncoding = new UTF8Encoding(false); // UTF-8 without BOM

using (var streamWriter = new StreamWriter(request.GetRequestStream(), requestEncoding))
{
    streamWriter.Write(requestBody);
}

This is not a default value, and it helped me after an hour of checking everything

Of course, make sure all of your parameters are URL encoded, too

Cathleencathlene answered 18/4, 2016 at 15:15 Comment(1)
this was my problem when upgrading an older paypal solutionFulks
M
1

API_USERNAME API_PASSWORD API_SIGNATURE PAYPAL_URL

apart from them change this too:

** (from Sandbox > Live)**

Mithras answered 23/9, 2014 at 7:5 Comment(1)
The mode options ("sandbox" and "live") are both lowercase - had to dig through the source code to even find these options the first time, the "live" value doesn't appear anywhere in the docs.Turaco
J
1

Wrong credentials Make sure that you've put your API Username, API Password and API Signature correctly. Sometimes it happens that during copy and paste there is accidently a space added, this would trigger this error. Doublecheck this settings in the SDK or in the admin panel of your third party shopping cart.

Wrong Endpoint This error would come up if you send the data to the wrong endpoint. Make sure that you sending the live credentials and data to our live endpoint. When you want to test your store make sure that you use our test endpoint and the credentials from your sandbox test account. If you are using a third party shopping cart, make sure that your store is running in test or live mode, regarding which credentials you are using. FOR LIVE

https://api-3t.paypal.com/nvp?&user=xxxxxxxxxx&pwd=xxxxxxxxxx&signature=xxxxxxxxxx&version=70.0&METHOD=SetExpressCheckout&RETURNURL=http://www.paypal.com/test.php&CANCELURL=http://www.paypal.com/test.php&PAYMENTACTION=Sale&AMT=50&CURRENCYCODE=USD

FOR SANDBOX

https://api-3t.sandbox.paypal.com/nvp?&user=xxxxxxxxxx&pwd=xxxxxxxxxx&signature=xxxxxxxxxx&version=70.0&METHOD=SetExpressCheckout&RETURNURL=http://www.paypal.com/test.php&CANCELURL=http://www.paypal.com/test.php&PAYMENTACTION=Sale&AMT=50&CURRENCYCODE=USD

For reffrence link

Jaborandi answered 31/12, 2015 at 9:45 Comment(1)
please edit your post and link to the original post where you copied this text fromReginareginald

© 2022 - 2024 — McMap. All rights reserved.