PayPal Authenticate an Element

You can authenticate with PayPal to create your own instance of the PayPal element through the UI or through APIs. Once authenticated, you can use the element instance to access the different functionality offered by the PayPal platform.

Authenticate Through the UI

Use the UI to authenticate with PayPal and create an element instance. Because you authenticate with PayPal via OAuth 2.0, all you need to do is add a name for the instance and provide your API key and API secret you identified in PayPal API Provider Setup. After you create the instance, you'll log in to PayPal to authorize Cloud Elements to access your account. For more information about authenticating an element instance, see Authenticate an Element Instance (UI)

After successfully authenticating, we give you several options for next steps. Make requests using the API docs associated with the instance, map the instance to a virtual data resource, or use it in a formula template.

Authenticate Through API

PayPal is a Customer Success Platform. When you provision an instance, your app will have access to the different functionality offered by the PayPal platform.

Step 1. Get Elements OAuth Information

  • HTTP Header: None
  • HTTP Verb: GET
  • Request URL: /elements/{keyOrId}/oauth/url
  • Request Body: None
  • Query Parameters:

  • apiKey– the key obtained from registering your app with the provider

  • apiSecret – the secret obtained from registering your app with the provider

  • callbackUrl – the URL that you supplied to the provider when registering your app, state – any custom value that you want passed to the callback handler listening at the provided callback URL.

Description: The result of this API invocation is an OAuth redirect URL from the endpoint. Your application should now redirect to this URL, which in turn will present the OAuth authentication and authorization page to the user. When the provided callback URL is executed, a code value will be returned, which is required for the Create Instance API.

Example cURL Command:

curl -X GET
-H 'Content-Type: application/json'


  "oauthUrl": "",
  "element": "paypalv2"

Handle Callback from the Endpoint: Upon successful authentication and authorization by the user, the endpoint will redirect to the callback URL you provided when you setup your application with the endpoint, in our example, The endpoint will also provide two query string parameters: “state” and “code”. The value for the “state” parameter will be the name of the endpoint, e.g., paypalv2 in our example, and the value for the “code” parameter is the code required by Cloud Elements to retrieve the OAuth access and refresh tokens from the endpoint. If the user denies authentication and/or authorization, there will be a query string parameter called “error” instead of the “code” parameter. In this case, your application can handle the error gracefully.

Step 2. Create an Instance

To provision your PayPal element, use the /instances API.

Below is an example of the provisioning API call.

  • HTTP Headers: Authorization- User , Organization
  • HTTP Verb: POST
  • Request URL: /instances
  • Request Body: Required – see below
  • Query Parameters: none

Description: token is returned upon successful execution of this API. This token needs to be retained by the application for all subsequent requests involving this element instance.

A sample request illustrating the /instances API is shown below.

HTTP Headers:


This instance.json file must be included with your instance request. Please fill your information to provision. The “key” into Cloud Elements PayPal is “base”. This will need to be entered in the “key” field below depending on which element you wish to instantiate.

  "element": {
    "key": "paypalv2"
  "providerData": {
    "code": "Code on Return the URL"
  "configuration": {
    "oauth.api.key": "<INSERT_PAYPAL_CLIENT_ID>",
    "oauth.api.secret": "<INSERT_PAYPAL_CLIENT_SECRET>",
    "oauth.callback.url": "",
    "paypalv2.sandbox": false // default - if you wish to instantiate a sandbox account - then change to true
  "tags": [

Here is an example cURL command to create an instance using /instances API.

Example Request:

curl -X POST
-H 'Authorization: User <INSERT_USER_SECRET>, Organization <INSERT_ORGANIZATION_SECRET>'
-H 'Content-Type: application/json'
-d @instance.json

If the user does not specify a required config entry, an error will result notifying her of which entries she is missing.

Below is a successful JSON response:

  "id": 123,
  "name": "Test",
  "token": "5MOr3Sl/E4kww6mTjmjBYV/hAUAzz1g=",
  "element": {
    "id": 2244,
    "name": "Paypal v2",
    "key": "paypalv2",
    "description": "Add a Paypal Instance to connect your existing Paypal account to the Payments and Billing Hub, allowing you to manage your payments, transactions, etc. across multiple elements. You will need your Paypal account information to add an instance.",
    "image": "",
    "active": true,
    "deleted": false,
    "typeOauth": false,
    "trialAccount": false,
    "resources": [    ],
    "transformationsEnabled": true,
    "bulkDownloadEnabled": false,
    "bulkUploadEnabled": false,
    "cloneable": true,
    "beta": false,
    "authentication": {
      "type": "oauth2"
    "hub": "payment",
    "protocolType": "http",
    "parameters": [],
    "private": false
  "provisionInteractions": [],
  "valid": true,
  "disabled": false,
  "maxCacheSize": 0,
  "cacheTimeToLive": 0,
  "configuration": {
    "oauth.api.secret": "CLIENT_SECRET",
    "base.url": "",
    "": null,
    "oauth.token.url": "",
    "pagination.max": "10",
    "event.vendor.type": "webhooks",
    "paypalv2.sandbox": "false",
    "oauth.token.refresh_url": "",
    "oauth.user.token": "A103.QPuFPgkomCzjJTG_f73VFCQHI4qEsopHL_g_fC4Qz.mNBZKctsfSpUoUizFX8fH-S7n_e",
    "": "",
    "oauth.authorization.url": "",
    "event.notification.instance.finder": "",
    "pagination.type": "offset",
    "event.notification.callback.url": "false",
    "oauth.callback.url": "",
    "oauth.user.refresh_token": "R103.RB-y78o9os_AY8rVBEyOWc38OXmQkROO22-CokpqSAcnrBxQrWnFrm17hEmCaSZS3Zy0fA4NK4eU-SGUwz92zj3AJtx2Cy2SumzRqNQlbFlMvNF4jHB5",
    "oauth.user.refresh_interval": "3600",
    "oauth.api.key": "CLIENT_ID",
    "oauth.user.refresh_time": "1488818916580",
    "oauth.basic.header": "true",
    "event.notification.enabled": "false"
  "eventsEnabled": false,
  "eventsNotificationCallbackUrl": "false",
  "traceLoggingEnabled": false,
  "cachingEnabled": false,
  "externalAuthentication": "none"

Note: Make sure you have straight quotes in your JSON files and cURL commands. Please use plain text formatting in your code. Make sure you do not have spaces after the in the cURL command.

Instance Configuration

The content in the configuration section or nested object in the body posted to the POST /instances or PUT /instances/{id} APIs varies depending on which element is being instantiated. However, some configuration properties are common to all elements and available to be configured for all elements. These properties are -

  • event.notification.enabled: This property is a boolean property, and determines if event reception (via webhook or polling) is enabled for the element instance. This property defaults to false.
  • event.vendor.type: When event.notification.enabled property is set to true, this property determines the mechanism to use to receive or fetch changed events from the service endpoint. The supported values are webhook and polling. Most elements support one mechanism or the other, but some like support both mechanisms. This property is optional.
  • event.notification.type: This property can be used to determine how an event notification should be sent to the consumer of the element instance, in most cases your application. Currently, webhook is the only supported value for this property. This means that when an event is received by the element instance, it will get forwarded to the provided event.notification.callback.url via a webhook to you. This property is optional.
  • event.notification.callback.url: As mentioned above, the value of this property is an http or https URL to which we will post the event for consumption by your application. This property is optional.
  • filter.response.nulls: This property defaults to true, i.e., it's boolean property, and determines if null values in the response JSON should or should not be filtered from the response returned to the consuming application. By default, all null values are filtered from the response before sending the response to the consuming application.