- Collect and securely store PayPal payment methods without charging the customer.
- Create payment tokens for future use in subsequent transactions.
- Maintain PCI compliance by leveraging PayPal’s secure vault system.
Prerequisites
Before implementing vaulted payments, obtain your credentials and enable vaulting features in the PayPal Developer Dashboard.
- Log in to the PayPal Developer Dashboard.
- In the navigation menu, use the Sandbox | Live toggle to select Live.
- Under Apps & Credentials > REST API apps, select your app name.
- Under API credentials, obtain the client ID and secret.
- To enable vaulting:
  - Go to Features > Payment capabilities.
  - Toggle on Save payment methods.
- To enable PayPal and Venmo vaulting:
  - Go to Features > Payment methods.
  - Toggle on PayPal and Venmo.
Set up your environment variables
In your project root, create a .env file and add your PayPal credentials:
Key concepts
Setup token vs payment token:
- Setup Token: Temporary token used during the save payment flow
- Payment Token: Permanent token stored in PayPal’s vault for future use
- Conversion: Setup tokens are converted to payment tokens after customer approval
- VAULT_WITHOUT_PAYMENT: Save payment method without making a purchase
- VAULT_WITH_PAYMENT: Save payment method while making a purchase (not covered in this doc)
- IMMEDIATE: Token will be used right away
- DEFERRED: Token will be used at a future date
Integration flow
The PayPal save payment integration follows a specific flow:
- Initialize PayPal SDK with your browser-safe client token.
- Check eligibility for save payment functionality.
- Create save payment session using vault-specific session options.
- Create setup token on your server.
- Start save payment session to collect payment method.
- Create payment token from vault setup token for future use.
Set up your front end
Build an HTML page and a JavaScript file to set up your front end.
Build an HTML page
Build an HTML page that loads the PayPal JavaScript SDK and renders the save payment button.
Initialize the SDK to save payment methods
Initialize the SDK using a browser-safe client token, check eligibility for the vault flow, and render the save payment button if PayPal is eligible.
Configure the payment session
Define the session callbacks that handle approval, cancellation, and errors during the save payment flow.
Set up button to save payments
Create the save payment session and attach a click handler that starts the vault flow when the customer selects the PayPal button.
Set up your backend
PayPal APIs can be called either directly or through the PayPal TypeScript Server SDK. The following examples use the @paypal/paypal-server-sdk npm package.
Set up the PayPal TypeScript Server SDK
Step 1: Install the package.
Client token endpoint
Create a server-side endpoint that generates a browser-safe client token for authenticating the front end with the PayPal SDK.
Create setup token endpoint
Create a server-side endpoint that generates a setup token to start the customer-initiated vault flow.
Create payment token endpoint
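One way to implement this endpoint by calling the REST API directly (an added example, not PayPal's sample code and not the Server SDK): it exchanges an approved setup token at `POST /v3/vault/payment-tokens`, stores the resulting payment token server-side, and returns only a success flag to the browser. The `httpPost` transport, `vaultStore`, the ID allowlist pattern, and all sample IDs are assumptions made for illustration.

```javascript
// Added example, not PayPal's sample code. Assumptions: `httpPost` is an
// injected transport returning { status, json } (wrap fetch in production),
// `vaultStore` stands in for your database, and every ID is a constructed sample.
const PAYPAL_API = "https://api-m.sandbox.paypal.com";

async function createPaymentToken({ setupTokenId, userId, accessToken, httpPost, vaultStore }) {
  // The setup token ID arrives from the browser, so treat it as untrusted.
  // This allowlist pattern is an assumption, chosen to be conservative.
  if (typeof setupTokenId !== "string" || !/^[A-Za-z0-9_-]{1,64}$/.test(setupTokenId)) {
    return { status: 400, body: { error: "INVALID_SETUP_TOKEN" } };
  }
  const res = await httpPost(`${PAYPAL_API}/v3/vault/payment-tokens`, {
    headers: { Authorization: `Bearer ${accessToken}`, "Content-Type": "application/json" },
    body: JSON.stringify({ payment_source: { token: { id: setupTokenId, type: "SETUP_TOKEN" } } }),
  });
  if (res.status !== 200 && res.status !== 201) {
    // Do not echo PayPal's error body to the client; log it server-side instead.
    return { status: 502, body: { error: "VAULT_FAILED" } };
  }
  // Long-lived payment token: persist it server-side, keyed by the user taken
  // from the authenticated session (never from the request body).
  vaultStore.set(userId, { paymentTokenId: res.json.id, customerId: res.json.customer?.id });
  // The browser only learns that the save succeeded, never the token itself.
  return { status: 201, body: { saved: true } };
}

// Constructed stand-in for PayPal's API so the example runs offline.
function fakePayPal(calls, status = 201) {
  return async (url, opts) => {
    calls.push({ url, auth: opts.headers.Authorization, body: JSON.parse(opts.body) });
    return { status, json: { id: "PAYMENT-TOKEN-SAMPLE", customer: { id: "CUSTOMER-SAMPLE" } } };
  };
}

async function demo() {
  const calls = [], vaultStore = new Map();
  const ok = await createPaymentToken({
    setupTokenId: "SETUP-TOKEN-SAMPLE", userId: "user-42", accessToken: "ACCESS-TOKEN-SAMPLE",
    httpPost: fakePayPal(calls), vaultStore,
  });
  const bad = await createPaymentToken({
    setupTokenId: "not a valid id!", userId: "user-42", accessToken: "ACCESS-TOKEN-SAMPLE",
    httpPost: fakePayPal(calls), vaultStore,
  });
  return { ok, bad, calls, stored: vaultStore.get("user-42") };
}
```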
Payment tokens are long-lived values for making future payments. PayPal recommends storing them in your database. Do not pass them to the browser.
Advanced features
The following code sample demonstrates how to configure a custom setup token.
Configure custom setup token
Use a custom setup token to pass additional payer and merchant configuration to the vault flow.
Resources
- PayPal Payment Method Tokens (vault) API reference
- PayPal Developer Dashboard
- PCI Compliance Guidelines
Support
For additional support and questions:
- Visit PayPal Developer Community
- Check PayPal Developer Documentation
- Review the complete implementation: