Skip to main content
POST
/
v2
/
checkout
/
orders
/
{id}
/
confirm-payment-source
curl --request POST \
  --url https://api-m.paypal.com/v2/checkout/orders/{id}/confirm-payment-source \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "payment_source": {
    "paypal": {
      "name": {
        "given_name": "John",
        "surname": "Doe"
      },
      "email_address": "customer@example.com",
      "experience_context": {
        "payment_method_preference": "IMMEDIATE_PAYMENT_REQUIRED",
        "brand_name": "EXAMPLE INC",
        "locale": "en-US",
        "landing_page": "LOGIN",
        "shipping_preference": "SET_PROVIDED_ADDRESS",
        "user_action": "PAY_NOW",
        "return_url": "https://example.com/returnUrl",
        "cancel_url": "https://example.com/cancelUrl"
      }
    }
  }
}
'
{
  "id": "5O190127TN364715T",
  "payment_source": {
    "paypal": {
      "name": {
        "given_name": "John",
        "surname": "Doe"
      },
      "email_address": "customer@example.com"
    }
  },
  "payer": {
    "name": {
      "given_name": "John",
      "surname": "Doe"
    },
    "email_address": "customer@example.com"
  },
  "links": [
    {
      "href": "https://api.paypal.com/v2/checkout/orders/5O190127TN364715T",
      "rel": "self",
      "method": "GET"
    },
    {
      "href": "https://www.paypal.com/checkoutnow?token=5O190127TN364715T",
      "rel": "payer-action",
      "method": "GET"
    }
  ]
}

Authorizations

Authorization
string
header
required

Oauth 2.0 authentication

Headers

PayPal-Client-Metadata-Id
string

A GUID value originating from Fraudnet and Dyson passed from external API clients via HTTP header. The value is used by Risk decisions to correlate calls which, in turn, might result in lower decline rates.. A Globally Unique Identifier (GUID) value.

Required string length: 1 - 68
Authorization
string

Holds authorization information for external API calls. Standard headers are generally less restrictive in structure due to historical precedent across browsers, etc. This is a common schema for use in defining most standard headers.

Required string length: 1 - 16000
PayPal-Auth-Assertion
string

Header for an API client-provided JWT assertion that identifies the merchant. Establishing the consent to act-on-behalf of a merchant is a prerequisite for using this header.

Required string length: 1 - 10000
Prefer
string
default:return=minimal

The preferred server response upon successful completion of the request. Value is:

  • return=minimal. The server returns a minimal response to optimize communication between the API caller and the server. A minimal response includes the id, status and HATEOAS links.
  • return=representation. The server returns a complete resource representation, including the current state of the resource.

Required string length: 1 - 25

Path Parameters

id
string
required

The ID of the order for which the payer confirms their intent to pay.

Required string length: 1 - 36

Body

application/json

Payer confirms the intent to pay for the Order using the provided payment source.

payment_source
payment_source · object
required

The payment source definition.

application_context
Order Confirm Application Context · object

Customizes the payer confirmation experience.

Response

A successful request indicates that the payment source was added to the Order. A successful request returns the HTTP 200 OK status code with a JSON response body that shows order details.

The order details.

create_time
string

The date and time when the transaction occurred, in Internet date and time format.

Required string length: 20 - 64
update_time
string

The date and time when the transaction was last updated, in Internet date and time format.

Required string length: 20 - 64
id
string

The ID of the order.

Maximum string length: 2147483647
payment_source
payment_source_response · object

The payment source used to fund the payment.

intent
enum<string>

The intent to either capture payment immediately or authorize a payment for an order after order creation.

Available options:
CAPTURE,
AUTHORIZE
payer
payer · object
deprecated

DEPRECATED. The customer is also known as the payer. The Payer object was intended to only be used with the payment_source.paypal object. In order to make this design more clear, the details in the payer object are now available under payment_source.paypal. Please use payment_source.paypal. DEPRECATED

SeeSince Version
payment_source.paypal2.9

purchase_units
purchase_unit · object[]

An array of purchase units. Each purchase unit establishes a contract between a customer and merchant. Each purchase unit represents either a full or partial order that the customer intends to purchase from the merchant.

Required array length: 1 - 10 elements
status
enum<string>

The order status.

Available options:
CREATED,
SAVED,
APPROVED,
VOIDED,
COMPLETED,
PAYER_ACTION_REQUIRED
links
link_description · object[]

An array of request-related HATEOAS links. To complete payer approval, use the approve link to redirect the payer. The API caller has 6 hours (default setting, this which can be changed by your account manager to 24/48/72 hours to accommodate your use case) from the time the order is created, to redirect your payer. Once redirected, the API caller has 6 hours for the payer to approve the order and either authorize or capture the order. If you are not using the PayPal JavaScript SDK to initiate PayPal Checkout (in context) ensure that you include application_context.return_url is specified or you will get "We're sorry, Things don't appear to be working at the moment" after the payer approves the payment.

Maximum array length: 32767